[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] buf: protect against integer overflow



On 06/24/2011 02:27 PM, Matthias Bolte wrote:
> 2011/6/24 Eric Blake <eblake redhat com>:
>> It's unlikely that we'll ever want to escape a string as long as
>> INT_MAX/6, but adding this check can't hurt.
>>
>> * src/util/buf.c (virBufferEscapeSexpr, virBufferEscapeString):
>> Check for (unlikely) overflow.
>> ---
>>  src/util/buf.c |    6 ++++--
>>  1 files changed, 4 insertions(+), 2 deletions(-)
> 
> ACK.

Thanks; pushed.

There are remaining instances of 'ALLOC.* \* ' in the tree, but they all
appear to be safe (both quantities can be verified to be small enough
that the product will never overflow, in part because of the up-front
filtering I just did for virDomainGetVcpus).

-- 
Eric Blake   eblake redhat com    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]