[libvirt] [PATCH 2/2] remote: protect against integer overflow
Matthias Bolte
matthias.bolte at googlemail.com
Fri Jun 24 19:48:56 UTC 2011
2011/6/24 Eric Blake <eblake at redhat.com>:
> Integer overflow and remote code are never a nice mix.
>
> This has existed since commit 56cd414.
>
> * src/libvirt.c (virDomainGetVcpus): Reject overflow up front.
> * src/remote/remote_driver.c (remoteDomainGetVcpus): Avoid overflow
> on sending rpc.
> * daemon/remote.c (remoteDispatchDomainGetVcpus): Avoid overflow on
> receiving rpc.
> ---
>
> Gnulib makes checking for multiply overflow easy.
>
> daemon/remote.c | 4 +++-
> src/libvirt.c | 5 +++--
> src/remote/remote_driver.c | 4 +++-
> 3 files changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/daemon/remote.c b/daemon/remote.c
> index 48624d6..8d04fc7 100644
> --- a/daemon/remote.c
> +++ b/daemon/remote.c
> @@ -61,6 +61,7 @@
> #include "network.h"
> #include "libvirt/libvirt-qemu.h"
> #include "command.h"
> +#include "intprops.h"
I see this file in ./gnulib/lib but intprops is not listed in
bootstrap.conf, so it's probably pulled in as a dependency for another
module. But it doesn't hurt to be explicit and list it in
bootstrap.conf.
ACK, with that fixed.
--
Matthias Bolte
http://photron.blogspot.com
More information about the libvir-list
mailing list