Re: [PATCH] Handle copying bitmaps to larger data buffers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Gentle reminder. Any comments on this patch?

Thanks,
John

On Mon, Apr 15, 2019 at 09:43:07AM -0500, Allen, John wrote:
> If a bitmap of a shorter length than the data buffer is passed to
> virBitmapToDataBuf, it will read off the end of the bitmap and copy junk
> into the returned buffer. Add a check to only copy the length of the
> bitmap to the buffer.
> 
> The problem can be observed after setting a vcpu affinity using the vcpupin
> command on a system with a large number of cores:
>   # virsh vcpupin example_domain 0 0
>   # virsh vcpupin example_domain 0
>      VCPU   CPU Affinity
>     ---------------------------
>      0      0,192,197-198,202
> 
> Signed-off-by: John Allen <john.allen@xxxxxxx>
> ---
> diff --git a/src/util/virbitmap.c b/src/util/virbitmap.c
> index d074f29e54..021174cbb3 100644
> --- a/src/util/virbitmap.c
> +++ b/src/util/virbitmap.c
> @@ -824,11 +824,15 @@ virBitmapToDataBuf(virBitmapPtr bitmap,
>                     unsigned char *bytes,
>                     size_t len)
>  {
> +    size_t nbytes = bitmap->map_len * (VIR_BITMAP_BITS_PER_UNIT / CHAR_BIT);
>      unsigned long *l;
>      size_t i, j;
>  
>      memset(bytes, 0, len);
>  
> +    /* If bitmap and buffer differ in size, only fill to the smaller length */
> +    len = MIN(len, nbytes);
> +
>      /* htole64 is not provided by gnulib, so we do the conversion by hand */
>      l = bitmap->map;
>      for (i = j = 0; i < len; i++, j++) {

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list



[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]

  Powered by Linux