[libvirt] [PATCH] buf: protect against integer overflow
Eric Blake
eblake at redhat.com
Fri Jun 24 22:11:37 UTC 2011
On 06/24/2011 02:27 PM, Matthias Bolte wrote:
> 2011/6/24 Eric Blake <eblake at redhat.com>:
>> It's unlikely that we'll ever want to escape a string as long as
>> INT_MAX/6, but adding this check can't hurt.
>>
>> * src/util/buf.c (virBufferEscapeSexpr, virBufferEscapeString):
>> Check for (unlikely) overflow.
>> ---
>> src/util/buf.c | 6 ++++--
>> 1 files changed, 4 insertions(+), 2 deletions(-)
>
> ACK.
Thanks; pushed.
There are remaining instances of 'ALLOC.* \* ' in the tree, but they all
appear to be safe (both quantities can be verified to be small enough
that the product will never overflow, in part because of the up-front
filtering I just did for virDomainGetVcpus).
--
Eric Blake eblake at redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 619 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20110624/72938b09/attachment-0001.sig>
More information about the libvir-list
mailing list