[Libvir] Fix for buffer overflow in network setup

Daniel Veillard veillard at redhat.com
Tue Mar 20 16:40:56 UTC 2007


On Tue, Mar 20, 2007 at 04:27:14PM +0000, Daniel P. Berrange wrote:
> There was a buffer overflow in teh code to deal with building command line
> arguments which was only exposed when the Fedora RPM builds uses the 
> stack protector args to GCC. The attached patch increases the buffer size
> and uses snprintf() instead of sprintf().

  Please apply !

> BTW, if anyone is looking for a patch to write - removing all other calls
> to sprintf() would be a worthy task :-)

  Added to TODO in my checkout, I may end up doing it,

Daniel

-- 
Red Hat Virtualization group http://redhat.com/virtualization/
Daniel Veillard      | virtualization library  http://libvirt.org/
veillard at redhat.com  | libxml GNOME XML XSLT toolkit  http://xmlsoft.org/
http://veillard.com/ | Rpmfind RPM search engine  http://rpmfind.net/




More information about the libvir-list mailing list