On Fri, Jan 29, 2021 at 17:16:10 +0100, Tim Wiederhake wrote:
> I stumbled upon a buffer overflow / stack smash present in
> "test/commandhelper.c" that could be triggered by e.g.
>
> $ ./tests/commandhelper --readfd 0 --readfd 0 --readfd 0 --readfd x
> Could not parse fd x
> *** stack smashing detected ***: terminated
> Aborted (core dumped)
>
> This series cleans up the file, fixes the buffer overflow and converts
> (most) memory handling to g_auto*.
>
> Note that it does not touch the "prevent malloc with zero size" issue
> discussed in
> https://www.redhat.com/archives/libvir-list/2021-January/msg01160.html,
> this will be done in the other series.
>
> Please feel free to comment on whether the copyright year in the file's
> header should be updated and whether a prefix for the function names
> and the new type is required.

No and no.

For patches 1-2,4-16,19:

Reviewed-by: Peter Krempa <pkrempa@xxxxxxxxxx>

17, 18 use g_autofree which uses g_free which shouldn't be available.