Fix off-by-1 in QEMU boot arg array handling

A QEMU guest can have upto VIR_DOMAIN_BOOT_LAST boot entries
defined. When building the QEMU arg, each entry takes a
single byte. This means the array must be declared to be
VIR_DOMAIN_BOOT_LAST+1 bytes in length to allow for the
trailing null

* src/qemu/qemu_conf.c: Fix off-by-1 boot arg array size

diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index aa34d63ddbf71a18a536599a215b2c3051bb5aa9..7a37c703134e4f0adc37e9237f11ecfdbb6e6101 100644 (file)
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -3662,7 +3662,7 @@ int qemudBuildCommandLine(virConnectPtr conn,
 {
     int i;
     char memory[50];
-    char boot[VIR_DOMAIN_BOOT_LAST];
+    char boot[VIR_DOMAIN_BOOT_LAST+1];
     struct utsname ut;
     int disableKQEMU = 0;
     int enableKQEMU = 0;