qemudExtractMonitorPath() was doing a VIR_ALLOC_N followed by a
strncpy. However, this isn't necessary; we can do the same thing
using virAsprintf(), which is much safer.
Signed-off-by: Chris Lalancette <clalance@xxxxxxxxxx>
---
src/qemu_driver.c | 7 ++++---
1 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/qemu_driver.c b/src/qemu_driver.c
index 55a09f5..37fdec2 100644
--- a/src/qemu_driver.c
+++ b/src/qemu_driver.c
@@ -1017,12 +1017,13 @@ qemudExtractMonitorPath(virConnectPtr conn,
*/
while (*tmp) {
if (c_isspace(*tmp)) {
- if (VIR_ALLOC_N(*path, (tmp-dev)+1) < 0) {
+ if (virAsprintf(path, "%s", dev) < 0) {
virReportOOMError(conn);
return -1;
}
- strncpy(*path, dev, (tmp-dev));
- (*path)[(tmp-dev)] = '\0';
+ /* the last character is a \n, so back up one to overwrite */
+ (*path)[tmp-dev] = '\0';
+
/* ... now further update offset till we get EOL */
*offset = tmp - haystack;
return 0;
--
1.6.0.6
--
Libvir-list mailing list
Libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list