mirror of
https://gitlab.com/qemu-project/qemu
synced 2024-11-05 20:35:44 +00:00
3fde641e72
In one case: memcpy(sid->inmsg + sid->inlen, buf, len); if len == 0 then sid->inmsg + sig->inlen can point to one past the inmsg array if the array is full. We have to allow len == 0 due to some vagueness in the spec, but we don't have to call memcpy. Found by Coverity. This is not a problem in practice, but the results are technically (maybe) undefined. So make Coverity happy. Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Corey Minyard <cminyard@mvista.com> Acked-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Peter Maydell <peter.maydell@linaro.org> |
||
---|---|---|
.. | ||
ipmi.c | ||
ipmi_bmc_extern.c | ||
ipmi_bmc_sim.c | ||
ipmi_bt.c | ||
ipmi_kcs.c | ||
isa_ipmi_bt.c | ||
isa_ipmi_kcs.c | ||
Kconfig | ||
meson.build | ||
pci_ipmi_bt.c | ||
pci_ipmi_kcs.c | ||
smbus_ipmi.c |