[libvirt] [PATCH] uml: sanity check external data before using it

Jim Meyering jim at meyering.net
Wed Mar 3 16:44:24 UTC 2010

Eric Blake wrote:
> According to Eric Blake on 3/3/2010 9:34 AM:
>> Otherwise, a malicious packet could cause a DoS via spurious
>> out-of-memory failure.
>> +        if (sizeof res < res.length) {
> Phooey; posted the wrong version.  That should be sizeof res.data, not
> sizeof res, given the later use of:
>         memcpy(retdata + retlen, res.data, res.length);

I knew what you meant ;)
Glad you caught it.

More information about the libvir-list mailing list