From: Gabe Black <gabeblack@google.com>
Date: Mon, 25 May 2020 11:24:11 +0000 (-0700)
Subject: sim: Fix a possible memory error in copyOutStatfsBuf.
X-Git-Tag: v20.1.0.0~626
X-Git-Url: https://git.libre-soc.org/?a=commitdiff_plain;h=1e2f4a8aa6f94a55faa90b071c820b7192fe75c7;p=gem5.git

sim: Fix a possible memory error in copyOutStatfsBuf.

When memcpy-ing, we need to be sure not to read beyond the end of the
source, or write beyond the end of the target.

Change-Id: I3cf259bedce4c6e88aef47ef5379aab198338cb7
Reviewed-on: https://gem5-review.googlesource.com/c/public/gem5/+/29404
Reviewed-by: Jason Lowe-Power <power.jg@gmail.com>
Maintainer: Gabe Black <gabeblack@google.com>
Tested-by: kokoro <noreply+kokoro@google.com>
---

diff --git a/src/sim/syscall_emul.hh b/src/sim/syscall_emul.hh
index 55d30f300..247a98ca0 100644
--- a/src/sim/syscall_emul.hh
+++ b/src/sim/syscall_emul.hh
@@ -677,7 +677,8 @@ copyOutStatfsBuf(PortProxy &mem, Addr addr,
     tgt->f_frsize = htog(host->f_frsize, bo);
 #endif
 #if defined(__linux__)
-    memcpy(&tgt->f_spare, &host->f_spare, sizeof(host->f_spare));
+    memcpy(&tgt->f_spare, &host->f_spare,
+            std::min(sizeof(host->f_spare), sizeof(tgt->f_spare)));
 #else
     /*
      * The fields are different sizes per OS. Don't bother with