[libvirt] [PATCH 12/20] daemon: Remove 4kb stack allocation of security label

Daniel P. Berrange berrange at redhat.com
Mon Apr 4 10:35:53 UTC 2011 

On Sun, Apr 03, 2011 at 11:21:25AM +0200, Matthias Bolte wrote:
> ---
>  daemon/remote.c |   20 ++++++++++++++------
>  1 files changed, 14 insertions(+), 6 deletions(-)
> 
> diff --git a/daemon/remote.c b/daemon/remote.c
> index 1700c2d..dd85ef1 100644
> --- a/daemon/remote.c
> +++ b/daemon/remote.c
> @@ -1607,7 +1607,7 @@ remoteDispatchDomainGetSecurityLabel(struct qemud_server *server ATTRIBUTE_UNUSE
>                                       remote_domain_get_security_label_ret *ret)
>  {
>      virDomainPtr dom;
> -    virSecurityLabel seclabel;
> +    virSecurityLabelPtr seclabel;
>  
>      dom = get_nonnull_domain(conn, args->dom);
>      if (dom == NULL) {
> @@ -1615,22 +1615,30 @@ remoteDispatchDomainGetSecurityLabel(struct qemud_server *server ATTRIBUTE_UNUSE
>          return -1;
>      }
>  
> -    memset(&seclabel, 0, sizeof seclabel);
> -    if (virDomainGetSecurityLabel(dom, &seclabel) == -1) {
> +    if (VIR_ALLOC(seclabel) < 0) {
> +        virDomainFree(dom);
> +        remoteDispatchOOMError(rerr);
> +        return -1;
> +    }
> +
> +    if (virDomainGetSecurityLabel(dom, seclabel) == -1) {
>          remoteDispatchConnError(rerr, conn);
>          virDomainFree(dom);
> +        VIR_FREE(seclabel);
>          return -1;
>      }
>  
> -    ret->label.label_len = strlen(seclabel.label) + 1;
> +    ret->label.label_len = strlen(seclabel->label) + 1;
>      if (VIR_ALLOC_N(ret->label.label_val, ret->label.label_len) < 0) {
>          virDomainFree(dom);
> +        VIR_FREE(seclabel);
>          remoteDispatchOOMError(rerr);
>          return -1;
>      }
> -    strcpy(ret->label.label_val, seclabel.label);
> -    ret->enforcing = seclabel.enforcing;
> +    strcpy(ret->label.label_val, seclabel->label);
> +    ret->enforcing = seclabel->enforcing;
>      virDomainFree(dom);
> +    VIR_FREE(seclabel);
>  
>      return 0;
>  }

ACK


Daniel
-- 
|: http://berrange.com      -o-    http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org              -o-             http://virt-manager.org :|
|: http://autobuild.org       -o-         http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org       -o-       http://live.gnome.org/gtk-vnc :|

More information about the libvir-list mailing list