From nobody Thu Dec 18 19:33:24 2025 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1609770312; cv=none; d=zohomail.com; s=zohoarc; b=MdEWSNnItYUwT+0Xp4im1JuQWLW/tssjGi62eACeWZaemtN9nXVTFXlgJxzdyCaHC3eJITQYVWYF3JlPRAr9dw4efcqycbZlLNDHhrB0SSPsaAFeqguXyfazRPVVsDJCUVAx49lSy4D9ZFZHRzB86qnA/z8P2MyPsw09RDSKU8Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1609770312; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=NV3wRtHJvfSofd6wt7m1krpaUvC5iIObOvg/qGbj0Xk=; b=WuWHT7mwFau+K9zn+wFFQGVLDXOFc7PVCufU7ChZVsrjE3tjC8O5Zq+/Nmdmg/Rtw/IBT5/4lCz1UZcaOqz+GL+9plI0JPWdMUgdCDwa1GcLToDZqRDD+mcA2IH/PH1ELCfZU6eoxv1qwqMl+Iue6F8vYXSs3GGWCDJedpN97bE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1609770312609646.2821580207279; Mon, 4 Jan 2021 06:25:12 -0800 (PST) Received: from localhost ([::1]:34736 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kwQnH-00043H-G3 for importer@patchew.org; Mon, 04 Jan 2021 09:25:11 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]:42482) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kwQlX-0002fe-GI for qemu-devel@nongnu.org; Mon, 04 Jan 2021 09:23:23 -0500 Received: from us-smtp-delivery-124.mimecast.com ([63.128.21.124]:53980) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kwQlV-0006JE-Tj for qemu-devel@nongnu.org; Mon, 04 Jan 2021 09:23:23 -0500 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-480-6XO5_qk_PYOzaC5C4UwzIA-1; Mon, 04 Jan 2021 09:23:16 -0500 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 93ECB8143EA; Mon, 4 Jan 2021 14:23:15 +0000 (UTC) Received: from localhost (ovpn-113-37.ams2.redhat.com [10.36.113.37]) by smtp.corp.redhat.com (Postfix) with ESMTP id 47C7960C04; Mon, 4 Jan 2021 14:23:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1609770200; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=NV3wRtHJvfSofd6wt7m1krpaUvC5iIObOvg/qGbj0Xk=; b=aPaLr6yhrUW1xpWeB50K9Su1ZG9hz3GU6ZwxF3YRoGFRZDVMwz8+gEgTyroHlL4lyARgLG ewXfTulzwHT87x2hnI84ZhEAoRkFcc02ixZKbC3QGP8CxZOYD7YW/jzEP/m/QbEGaHsxNw +TlH9YiTpd/njcshxQfeOw/Kkc5IxW8= X-MC-Unique: 6XO5_qk_PYOzaC5C4UwzIA-1 From: Stefan Hajnoczi To: Peter Maydell , qemu-devel@nongnu.org Subject: [PULL 1/1] readline: Fix possible array index out of bounds in readline_hist_add() Date: Mon, 4 Jan 2021 14:23:04 +0000 Message-Id: <20210104142304.461097-2-stefanha@redhat.com> In-Reply-To: <20210104142304.461097-1-stefanha@redhat.com> References: <20210104142304.461097-1-stefanha@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=stefanha@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=63.128.21.124; envelope-from=stefanha@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-Spam_score_int: -12 X-Spam_score: -1.3 X-Spam_bar: - X-Spam_report: (-1.3 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.243, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, MIME_BASE64_TEXT=1.741, RCVD_IN_DNSWL_LOW=-0.7, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Alex Chen , Stefan Hajnoczi , qemu-block@nongnu.org, Euler Robot Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Content-Type: text/plain; charset="utf-8" From: Alex Chen When the 'cmdline' is the last entry in 'rs->history' array, there is no need to put this entry to the end of the array, partly because it is the last entry, and partly because the next operition will lead to array index out of bounds. Reported-by: Euler Robot Signed-off-by: Alex Chen Message-id: 20201203135043.117072-1-alex.chen@huawei.com Signed-off-by: Stefan Hajnoczi --- util/readline.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/util/readline.c b/util/readline.c index e534460da6..f1ac6e4769 100644 --- a/util/readline.c +++ b/util/readline.c @@ -240,6 +240,9 @@ static void readline_hist_add(ReadLineState *rs, const = char *cmdline) } if (strcmp(hist_entry, cmdline) =3D=3D 0) { same_entry: + if (idx =3D=3D READLINE_MAX_CMDS - 1) { + return; + } new_entry =3D hist_entry; /* Put this entry at the end of history */ memmove(&rs->history[idx], &rs->history[idx + 1], --=20 2.29.2