@@ -754,7 +754,7 @@ struct X86CPUDefinition {
int model;
int stepping;
FeatureWordArray features;
- char model_id[48];
+ const char *model_id;
};
static X86CPUDefinition builtin_x86_defs[] = {
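Review bot: with `model_id` changed from `char model_id[48]` to `const char *model_id`, any `sizeof(cpudef->model_id)` (or `sizeof(def->model_id)`) elsewhere in cpu.c now yields the size of a pointer rather than 48, so a copy or bound that relied on it would silently shrink; the diffstat shows only these two hunks touching the file, so please confirm by grep that no such use remains. The 48 that the array type used to carry now survives only as a literal in the assert in the next hunk; a named constant for the CPUID brand-string length (3 leaves x 16 bytes) declared next to the struct would keep the field and its check tied together and document where the limit comes from.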
@@ -2718,6 +2718,9 @@ static void x86_cpu_cpudef_class_init(ObjectClass *oc, void *data)
X86CPUDefinition *cpudef = data;
X86CPUClass *xcc = X86_CPU_CLASS(oc);
+ /* catch mistakes instead of silently truncating model_id when too long */
+ assert(!cpudef->model_id || strlen(cpudef->model_id) <= 48);
+
xcc->cpu_def = cpudef;
xcc->migration_safe = true;
}
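Review bot: the `!cpudef->model_id ||` clause lets a NULL `model_id` pass, yet the commit message says x86_cpu_load_def() hands `model_id` to object_property_set_str(); either that call is known to tolerate NULL (worth a one-line comment here) or the check should simply be `assert(strlen(cpudef->model_id) <= 48);` so a missing ID is caught at the same point as an overlong one. Note also that assert() only guards builds where NDEBUG is not defined, so unless this tree forbids NDEBUG, an overlong entry in builtin_x86_defs would still be passed on unchecked in a release build, although now as a properly terminated string rather than an out-of-bounds read. The bare `48` duplicates the limit implied by the old `char model_id[48]`; naming it would make the comment above the assert self-explanatory.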
It is valid to have a 48-character model ID on CPUID; however, the definition of X86CPUDefinition::model_id is char[48], which can make the compiler drop the null terminator from the string. If a CPU model happens to have 48 bytes on model_id, "-cpu help" will print garbage and the object_property_set_str() call at x86_cpu_load_def() will read data outside the model_id array.

We could increase the array size to 49, but this would mean the compiler would not issue a warning if a 49-char string is used by mistake for model_id.

To make things simpler, simply change model_id to be const char*, and validate the string length using an assert() on x86_cpu_cpudef_class_init.

Reported-by: "Dr. David Alan Gilbert" <dgilbert@redhat.com>
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
---
 target/i386/cpu.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)
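The failure mode the commit message describes, shown as an added example that is not QEMU's code and not part of the patch above: a 48-character model ID copied into a 48-byte array leaves no room for the NUL terminator, so anything that treats the array as a C string (strlen(), printf("%s"), object_property_set_str()) reads past its end. The pointer-plus-length-check approach the patch takes is then carried through to the consumer side: the string is validated against the 48-byte CPUID brand-string limit (leaves 0x80000002..0x80000004, 12 registers of 4 bytes each) before being packed, and a reader that extracts it again terminates it explicitly. The names MODEL_ID_MAX, SAMPLE_48, fixed_buf_is_terminated, demo_fixed_array_loses_nul, brand_string_pack and brand_string_unpack, and the sample string itself, are made up for this illustration.

```c
/*
 * Added example, not QEMU code: why a 48-char model ID does not fit in
 * char[48], and how a pointer plus an explicit length check avoids the
 * missing NUL terminator. All identifiers below are invented for the
 * illustration; only the CPUID brand-string layout (48 bytes spread over
 * 12 little-endian 32-bit registers) is real.
 */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* CPUID leaves 0x80000002..0x80000004: 3 leaves x 4 regs x 4 bytes = 48 bytes. */
#define MODEL_ID_MAX 48

/* Constructed sample: a brand string of exactly 48 characters. */
#define SAMPLE_48 "QEMU Virtual CPU version 2.5+ with 48 characters"

/* True if buf[0..len) contains a NUL, i.e. it is safe to use as a C string. */
static bool fixed_buf_is_terminated(const char *buf, size_t len)
{
    return memchr(buf, '\0', len) != NULL;
}

/*
 * The bug from the commit message: fill a 48-byte array with a 48-char ID.
 * A static initializer `char model_id[48] = SAMPLE_48;` has the same effect
 * in C (the literal's terminating NUL is dropped); memcpy() is used here so
 * the demonstration does not depend on compiler diagnostics.
 * Returns true when the array ends up with no terminator at all.
 */
static bool demo_fixed_array_loses_nul(void)
{
    char model_id[MODEL_ID_MAX];
    memcpy(model_id, SAMPLE_48, MODEL_ID_MAX);
    return !fixed_buf_is_terminated(model_id, sizeof(model_id));
}

/*
 * The patch's approach carried to the consumer: take a const char *, check
 * its length up front, then pack it zero-padded into the 12 brand-string
 * registers. Returns -1 if model_id is NULL or longer than MODEL_ID_MAX
 * (the case the patch's assert() rejects), otherwise the number of text
 * bytes packed.
 */
static int brand_string_pack(const char *model_id, uint32_t regs[12])
{
    if (model_id == NULL) {
        return -1;
    }
    size_t len = strlen(model_id);
    if (len > MODEL_ID_MAX) {
        return -1;
    }
    unsigned char bytes[MODEL_ID_MAX] = { 0 };   /* zero padding for short IDs */
    memcpy(bytes, model_id, len);
    for (int i = 0; i < 12; i++) {
        regs[i] = (uint32_t)bytes[4 * i]
                | (uint32_t)bytes[4 * i + 1] << 8
                | (uint32_t)bytes[4 * i + 2] << 16
                | (uint32_t)bytes[4 * i + 3] << 24;
    }
    return (int)len;
}

/*
 * Reverse direction: a reader pulling the 48 bytes back out of the registers
 * must NUL-terminate explicitly, so out[] needs MODEL_ID_MAX + 1 bytes.
 */
static void brand_string_unpack(const uint32_t regs[12], char out[MODEL_ID_MAX + 1])
{
    for (int i = 0; i < 12; i++) {
        out[4 * i]     = (char)(regs[i] & 0xff);
        out[4 * i + 1] = (char)((regs[i] >> 8) & 0xff);
        out[4 * i + 2] = (char)((regs[i] >> 16) & 0xff);
        out[4 * i + 3] = (char)((regs[i] >> 24) & 0xff);
    }
    out[MODEL_ID_MAX] = '\0';
}

int main(void)
{
    uint32_t regs[12];
    char out[MODEL_ID_MAX + 1];

    printf("48-char ID in char[48] is unterminated: %s\n",
           demo_fixed_array_loses_nul() ? "yes" : "no");
    printf("pack 48-char ID: %d\n", brand_string_pack(SAMPLE_48, regs));
    brand_string_unpack(regs, out);
    printf("round trip: \"%s\"\n", out);
    printf("pack 49-char ID: %d\n", brand_string_pack(SAMPLE_48 "!", regs));
    return 0;
}
```

The length check sits at the boundary where the string is consumed rather than in the type, which is the same trade the patch makes: a char[49] would have hidden a 49-character mistake, while a pointer plus an explicit bound rejects it. Anything that reads the packed registers back, as "-cpu help" style output effectively does, needs its own terminator, which is what brand_string_unpack's MODEL_ID_MAX + 1 buffer provides.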