[Libvir] Fix for buffer overflow in network setup
Daniel Veillard
veillard at redhat.com
Tue Mar 20 16:40:56 UTC 2007
On Tue, Mar 20, 2007 at 04:27:14PM +0000, Daniel P. Berrange wrote:
> There was a buffer overflow in teh code to deal with building command line
> arguments which was only exposed when the Fedora RPM builds uses the
> stack protector args to GCC. The attached patch increases the buffer size
> and uses snprintf() instead of sprintf().
Please apply !
> BTW, if anyone is looking for a patch to write - removing all other calls
> to sprintf() would be a worthy task :-)
Added to TODO in my checkout, I may end up doing it,
Daniel
--
Red Hat Virtualization group http://redhat.com/virtualization/
Daniel Veillard | virtualization library http://libvirt.org/
veillard at redhat.com | libxml GNOME XML XSLT toolkit http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine http://rpmfind.net/
More information about the libvir-list
mailing list