[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH RFC v3 5/6] qemu: Implement cfs_period and cfs_quota's modification



At 07/19/2011 04:44 AM, Adam Litke Write:
> 
> 
> On 07/18/2011 04:42 AM, Wen Congyang wrote:
>> @@ -5983,7 +6169,30 @@ out:
>>          goto cleanup;
>>      }
>>
>> -    *nparams = 1;
>> +    if (*nparams > 1) {
>> +        params[1].value.ul = period;
>> +        params[1].type = VIR_TYPED_PARAM_ULLONG;
>> +        if (virStrcpyStatic(params[1].field, "cfs_period") == NULL) {
>> +            qemuReportError(VIR_ERR_INTERNAL_ERROR,
>> +                            "%s",
>> +                            _("Field cfs_period too long for destination"));
>> +            goto cleanup;
>> +        }
>> +
>> +        params[2].value.ul = quota;
> 
> Possible buffer overflow if *nparams == 2 ...

Yes, I forgot check the value :(

> 
>> +        params[2].type = VIR_TYPED_PARAM_LLONG;
>> +        if (virStrcpyStatic(params[2].field, "cfs_quota") == NULL) {
>> +            qemuReportError(VIR_ERR_INTERNAL_ERROR,
>> +                            "%s",
>> +                            _("Field cfs_quota too long for destination"));
>> +            goto cleanup;
>> +        }
>> +
>> +        *nparams = 3;
>> +    } else {
>> +        *nparams = 1;
>> +    }
>> +
>>      ret = 0;
>>
>>  cleanup:
> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]