From 5ba63a44706173b556b8d5632872b39a09d7f16d Mon Sep 17 00:00:00 2001
From: Rupert Swarbrick
Date: Tue, 22 Feb 2022 02:58:18 +0000
Subject: [PATCH] Avoid an unnecessary strcpy (#925)

We don't actually know that the field in the DTB points at a string that's less than 256 bytes long, I don't think, so this could probably cause a buffer overflow on the stack. Anyway, it turns out that there's no need to copy anything anyway, so let's just update a char** instead.
---
 riscv/dts.cc | 7 +++++--
 riscv/dts.h | 2 +-
 riscv/sim.cc | 6 +++---
 3 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/riscv/dts.cc b/riscv/dts.cc
index 46000d8f..09accf9a 100644
--- a/riscv/dts.cc
+++ b/riscv/dts.cc
@@ -3,6 +3,7 @@
 #include "dts.h"
 #include "libfdt.h"
 #include "platform.h"
+#include
 #include
 #include
 #include
@@ -306,8 +307,10 @@ int fdt_parse_pmp_alignment(void *fdt, int cpu_offset, reg_t *pmp_align)
 return 0;
 }
-int fdt_parse_mmu_type(void *fdt, int cpu_offset, char *mmu_type)
+int fdt_parse_mmu_type(void *fdt, int cpu_offset, const char **mmu_type)
 {
+ assert(mmu_type);
+
 int len, rc;
 const void *prop;
@@ -318,7 +321,7 @@ int fdt_parse_mmu_type(void *fdt, int cpu_offset, char *mmu_type)
 if (!prop || !len) return -EINVAL;
- strcpy(mmu_type, (char *)prop);
+ *mmu_type = (const char *)prop;
 return 0;
 }
diff --git a/riscv/dts.h b/riscv/dts.h
index 1c3a54d2..62081511 100644
--- a/riscv/dts.h
+++ b/riscv/dts.h
@@ -23,5 +23,5 @@ int fdt_parse_clint(void *fdt, reg_t *clint_addr, const char *compatible);
 int fdt_parse_pmp_num(void *fdt, int cpu_offset, reg_t *pmp_num);
 int fdt_parse_pmp_alignment(void *fdt, int cpu_offset, reg_t *pmp_align);
-int fdt_parse_mmu_type(void *fdt, int cpu_offset, char *mmu_type);
+int fdt_parse_mmu_type(void *fdt, int cpu_offset, const char **mmu_type);
 #endif
diff --git a/riscv/sim.cc b/riscv/sim.cc
index a0f13ae7..ad7e45b0 100644
--- a/riscv/sim.cc
+++ b/riscv/sim.cc
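Review bot: The new `const char **mmu_type` out-parameter of fdt_parse_mmu_type in riscv/dts.cc (hunk at -306,8) has no comment saying what the caller receives. Going by the assignment in the next hunk, on success it is a pointer to the property bytes themselves rather than a copy, and it is left unwritten on the `-EINVAL` path. I would add above the definition `// On success *mmu_type points at the property data inside the fdt blob (not owned, not copied); it is untouched on error.` and repeat it on the declaration in dts.h. Note also that `assert(mmu_type)` is compiled out under NDEBUG; the function body continues past this hunk.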
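Review bot: `*mmu_type = (const char *)prop;` in riscv/dts.cc (hunk at -318,7) hands back the raw property bytes without checking that a NUL occurs within `len`, so the stack overflow is gone but an unterminated 'mmu-type' value in a malformed device tree can still be read past its end. The sim.cc caller in this patch treats the pointer as a C string, both in `strncmp` and when streaming it to `std::cerr`. Tightening the guard to `if (!prop || len <= 0 || !memchr(prop, '\0', len)) return -EINVAL;` keeps the zero-copy design and bounds every later read. `prop` and `len` are set outside this hunk, presumably by a libfdt property lookup, so confirm that `len` is the property length before relying on it.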
@@ -136,8 +136,8 @@ sim_t::sim_t(const char* isa, const char* priv, const char* varch,
 } //handle mmu-type
- char mmu_type[256] = "";
- rc = fdt_parse_mmu_type(fdt, cpu_offset, mmu_type);
+ const char *mmu_type;
+ rc = fdt_parse_mmu_type(fdt, cpu_offset, &mmu_type);
 if (rc == 0) {
 procs[cpu_idx]->set_mmu_capability(IMPL_MMU_SBARE);
 if (strncmp(mmu_type, "riscv,sv32", strlen("riscv,sv32")) == 0) {
@@ -151,7 +151,7 @@ sim_t::sim_t(const char* isa, const char* priv, const char* varch,
 } else {
 std::cerr << "core (" << hartids.size()
- << ") doesn't have valid 'mmu-type'"
+ << ") has an invalid 'mmu-type': " << mmu_type << ").\n";
 exit(1);
 }
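Review bot: `const char *mmu_type;` in riscv/sim.cc (hunk at -136,8) is declared without an initializer, and fdt_parse_mmu_type writes it only on the success path, so any read outside the `rc == 0` branch would use an indeterminate pointer. The hunk ends inside the `if (rc == 0)` block, and the error message in the following hunk also streams `mmu_type`; from the lines shown I cannot tell which `if` that `else` pairs with. Declaring it as `const char *mmu_type = nullptr;` costs nothing and makes an accidental use on the failure path far easier to spot than a stale stack value.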