28.01.2024 10:15, Akihiko Odaki:
> qemu_smbios_type11_opts did not the list terminator and that resulted in
..did not *have* the list terminator.., here and in 2/2.
> out-of-bound memory access. qemu_smbios_type11_opts also needs to have
> an element for the type option.
>
> Fixes: 2d6dcbf93fb0 ("smbios: support setting OEM strings table")
Wow. That's long ago..
This is a -stable material.
And since it's exactly the same 2 problems in 2 nearby places, it can
be combined into a single patch, but it definitely works this way too,
just a question of taste.
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
> Signed-off-by: Akihiko Odaki <akihiko.odaki@daynix.com>
> ---
> hw/smbios/smbios.c | 6 ++++++
> 1 file changed, 6 insertions(+)
>
> diff --git a/hw/smbios/smbios.c b/hw/smbios/smbios.c
> index 2a90601ac5d9..522ed1ed9fe3 100644
> --- a/hw/smbios/smbios.c
> +++ b/hw/smbios/smbios.c
> @@ -369,6 +369,11 @@ static const QemuOptDesc qemu_smbios_type8_opts[] = {
> };
>
> static const QemuOptDesc qemu_smbios_type11_opts[] = {
> + {
> + .name = "type",
> + .type = QEMU_OPT_NUMBER,
> + .help = "SMBIOS element type",
> + },
> {
> .name = "value",
> .type = QEMU_OPT_STRING,
> @@ -379,6 +384,7 @@ static const QemuOptDesc qemu_smbios_type11_opts[] = {
> .type = QEMU_OPT_STRING,
> .help = "OEM string data from file",
> },
> + { /* end of list */ }
> };
>
> static const QemuOptDesc qemu_smbios_type17_opts[] = {
>