From: Prasad J Pandit <p...@fedoraproject.org> Arguments passed to execve(2) call from user program could be large, allocating stack memory for them via alloca(3) call would lead to bad behaviour. Use 'g_malloc0' to allocate memory for such arguments.
Signed-off-by: Prasad J Pandit <p...@fedoraproject.org> --- linux-user/syscall.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) Update per: replace alloca() with g_malloc0() -> https://lists.gnu.org/archive/html/qemu-devel/2017-03/msg00750.html diff --git a/linux-user/syscall.c b/linux-user/syscall.c index 86a4a9c..404fb0b 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -7800,8 +7800,8 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1, ret = -TARGET_E2BIG; break; } - argp = alloca((argc + 1) * sizeof(void *)); - envp = alloca((envc + 1) * sizeof(void *)); + argp = g_malloc0((argc + 1) * sizeof(void *)); + envp = g_malloc0((envc + 1) * sizeof(void *)); for (gp = guest_argp, q = argp; gp; gp += sizeof(abi_ulong), q++) { @@ -7862,6 +7862,9 @@ abi_long do_syscall(void *cpu_env, int num, abi_long arg1, break; unlock_user(*q, addr, 0); } + + g_free(argp); + g_free(envp); } break; case TARGET_NR_chdir: -- 2.9.3
