On Thu, 23 Jan 2020 08:05:33 +0100 Thomas Huth <th...@redhat.com> wrote:
> The code in translate_one() leaks a stack address via "s->field" parameter:
>
> static DisasJumpType translate_one(CPUS390XState *env, DisasContext *s)
> {
>     DisasJumpType ret = DISAS_NEXT;
>     DisasFields f;
>     [...]
>     s->fields = &f;
>     [...]
>     return ret;
> }
>
> It's currently harmless since the caller does not seem to use "fields"
> anymore, but let's better play safe (and please static code analyzers)
> by setting the fields back to NULL before returning.
>
> Buglink: https://bugs.launchpad.net/qemu/+bug/1661815
> Signed-off-by: Thomas Huth <th...@redhat.com>
> ---
>  target/s390x/translate.c | 2 ++
>  1 file changed, 2 insertions(+)

Thanks, applied.
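The defect class behind the patch above, as an added, self-contained example that is not QEMU's code: a function stores the address of one of its own locals in a longer-lived context struct and returns, leaving a pointer into a dead stack frame behind. The struct names DisasFields and DisasContext are borrowed from the message only as labels; their members, the raw_insn encoding, and the helper names translate_one_leaky, translate_one_fixed and context_has_no_stale_fields are constructed for this illustration and do not correspond to QEMU's real definitions.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified stand-ins for QEMU's DisasFields/DisasContext (constructed here,
 * not QEMU's real definitions): just enough to show the pattern. */
typedef struct {
    int op;   /* pretend decoded opcode */
    int r1;   /* pretend register operand */
} DisasFields;

typedef struct {
    DisasFields *fields;   /* points at the fields of the instruction being translated */
    int insn_count;        /* how many instructions this context has seen */
} DisasContext;

/* The shape of the bug: the address of a local (stack) object is stored in
 * the longer-lived context and is still there after the function returns.
 * Any later read through s->fields is a use of memory whose lifetime ended. */
static int translate_one_leaky(DisasContext *s, int raw_insn)
{
    DisasFields f;
    f.op = raw_insn >> 8;
    f.r1 = raw_insn & 0xff;
    s->fields = &f;          /* points into this frame ... */
    s->insn_count++;
    return f.op + f.r1;      /* ... and keeps pointing there after return */
}

/* The fix the patch applies: clear the pointer before returning. A caller
 * that wrongly dereferences s->fields afterwards now hits NULL (loud and
 * reproducible) instead of reading reused stack memory (silent, nondeterministic),
 * and static analyzers no longer flag an escaping stack address. */
static int translate_one_fixed(DisasContext *s, int raw_insn)
{
    DisasFields f;
    int ret;
    f.op = raw_insn >> 8;
    f.r1 = raw_insn & 0xff;
    s->fields = &f;
    s->insn_count++;
    ret = f.op + f.r1;
    s->fields = NULL;        /* the stack address must not outlive this frame */
    return ret;
}

/* Caller-side invariant worth checking after translation: with the fix in
 * place, "fields still set after translate_one returned" is a testable
 * condition rather than a latent use-after-scope. Returns 1 if clean. */
static int context_has_no_stale_fields(const DisasContext *s)
{
    return s->fields == NULL;
}

int main(void)
{
    DisasContext s = { NULL, 0 };
    int ret = translate_one_fixed(&s, 0x1234);   /* constructed sample input */
    printf("ret=%d, fields clean after return: %s\n",
           ret, context_has_no_stale_fields(&s) ? "yes" : "no");
    return 0;
}
```

Note that the return value is identical in both variants, which is why the leak is invisible to ordinary functional tests; only the post-condition on the context (or a stack-lifetime check such as AddressSanitizer's use-after-scope detection) exposes the difference.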