[libvirt] [PATCH 03/34] vz: Fix invalid iteration of def->cputune.vcpupin

Peter Krempa pkrempa at redhat.com
Thu Jan 14 16:26:51 UTC 2016


The array doesn't necessarily have the same cardinality as the count of
vCPUs for a domain. Iterating it can cause access beyond the end of the
array.
---
 src/vz/vz_sdk.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/vz/vz_sdk.c b/src/vz/vz_sdk.c
index b78c413..d610979 100644
--- a/src/vz/vz_sdk.c
+++ b/src/vz/vz_sdk.c
@@ -1958,7 +1958,7 @@ prlsdkCheckUnsupportedParams(PRL_HANDLE sdkdom, virDomainDefPtr def)
     }

     if (def->cputune.vcpupin) {
-        for (i = 0; i < virDomainDefGetVcpus(def); i++) {
+        for (i = 0; i < def->cputune.nvcpupin; i++) {
             if (!virBitmapEqual(def->cpumask,
                                 def->cputune.vcpupin[i]->cpumask)) {
                 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-- 
2.6.2




More information about the libvir-list mailing list