From 82d07945652f16078b172d2bd46659e8f5f30d8e Mon Sep 17 00:00:00 2001 From: Markus Armbruster Date: Wed, 26 Feb 2014 10:30:03 -0700 Subject: [PATCH] pci-assign: Fix potential read beyond buffer on -EBUSY readlink() doesn't write a terminating null byte. assign_failed_examine() passes the unterminated string to strrchr(). Oops. Terminate it. Spotted by Coverity. Signed-off-by: Markus Armbruster Reviewed-by: Peter Maydell Signed-off-by: Alex Williamson --- hw/i386/kvm/pci-assign.c | 1 + 1 file changed, 1 insertion(+) diff --git a/hw/i386/kvm/pci-assign.c b/hw/i386/kvm/pci-assign.c index 968680104b..a825871d8a 100644 --- a/hw/i386/kvm/pci-assign.c +++ b/hw/i386/kvm/pci-assign.c @@ -743,6 +743,7 @@ static void assign_failed_examine(AssignedDevice *dev) goto fail; } + driver[r] = 0; ns = strrchr(driver, '/'); if (!ns) { goto fail; -- 2.11.4.GIT