[libvirt] [PATCH] Handle copying bitmaps to larger data buffers
Pavel Hrdina
phrdina at redhat.com
Thu Apr 25 09:42:53 UTC 2019
On Mon, Apr 15, 2019 at 02:43:07PM +0000, Allen, John wrote:
> If a bitmap of a shorter length than the data buffer is passed to
> virBitmapToDataBuf, it will read off the end of the bitmap and copy junk
> into the returned buffer. Add a check to only copy the length of the
> bitmap to the buffer.
>
> The problem can be observed after setting a vcpu affinity using the vcpupin
> command on a system with a large number of cores:
> # virsh vcpupin example_domain 0 0
> # virsh vcpupin example_domain 0
> VCPU CPU Affinity
> ---------------------------
> 0 0,192,197-198,202
>
> Signed-off-by: John Allen <john.allen at amd.com>
> ---
Thanks for the patch, pushed now.
> diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c
> index d074f29e54..021174cbb3 100644
> --- a/src/util/virbitmap.c
> +++ b/src/util/virbitmap.c
> @@ -824,11 +824,15 @@ virBitmapToDataBuf(virBitmapPtr bitmap,
> unsigned char *bytes,
> size_t len)
> {
> + size_t nbytes = bitmap->map_len * (VIR_BITMAP_BITS_PER_UNIT / CHAR_BIT);
> unsigned long *l;
> size_t i, j;
>
> memset(bytes, 0, len);
>
> + /* If bitmap and buffer differ in size, only fill to the smaller length */
> + len = MIN(len, nbytes);
> +
I would probably store the min back to nbytes and used that but it
doesn't matter.
> /* htole64 is not provided by gnulib, so we do the conversion by hand */
> l = bitmap->map;
> for (i = j = 0; i < len; i++, j++) {
Pavel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20190425/58c82bae/attachment-0001.sig>
More information about the libvir-list
mailing list