[Libguestfs] [PATCH] lib: update inspect_list_applications to return all installed RPMs (RHBZ#859885)
Richard W.M. Jones
rjones at redhat.com
Mon Oct 29 19:38:25 UTC 2012
On Mon, Oct 29, 2012 at 03:12:36PM -0400, John Eckersberg wrote:
> >> + offset = be32toh(*(uint32_t *) (cursor + 8));
> >> + return safe_strdup(g, store + offset);
.. and also isn't this calculation suspect? 'offset' is entirely
calculated from user data, potentially causing 'store + offset' to
point to more or less arbitrary memory in the process.
Rich.
--
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
virt-p2v converts physical machines to virtual machines. Boot with a
live CD or over the network (PXE) and turn machines into Xen guests.
http://et.redhat.com/~rjones/virt-p2v
More information about the Libguestfs
mailing list