[libvirt] [PATCH 02/16] virconf: fix off-by-1 when appending \n to config file
Daniel P. Berrange
berrange at redhat.com
Mon Jul 11 09:45:21 UTC 2016
If the config file does not end with a \n, the parser will append
one. When re-allocating the array though, it is mistakenly assuming
that 'len' is the length including the trailing NUL, but it does
not. So we must add 2 to len, when reallocating, not 1.
Signed-off-by: Daniel P. Berrange <berrange at redhat.com>
---
src/util/virconf.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/util/virconf.c b/src/util/virconf.c
index 7c98588..33e7744 100644
--- a/src/util/virconf.c
+++ b/src/util/virconf.c
@@ -779,7 +779,7 @@ virConfReadFile(const char *filename, unsigned int flags)
if (len && len < MAX_CONFIG_FILE_SIZE && content[len - 1] != '\n') {
VIR_DEBUG("appending newline to busted config file %s", filename);
- if (VIR_REALLOC_N(content, len + 1) < 0)
+ if (VIR_REALLOC_N(content, len + 2) < 0)
goto cleanup;
content[len++] = '\n';
content[len] = '\0';
--
2.7.4
More information about the libvir-list
mailing list