Re: [libvirt] [PATCH] uml: sanity check external data before using it

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

According to Eric Blake on 3/3/2010 9:34 AM:
> Otherwise, a malicious packet could cause a DoS via spurious
> out-of-memory failure.
> 
> +        if (sizeof res < res.length) {

Phooey; posted the wrong version.  That should be sizeof res.data, not
sizeof res, given the later use of:

        memcpy(retdata + retlen, res.data, res.length);

-- 
Eric Blake   eblake@xxxxxxxxxx    +1-801-349-2682
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
[Index of Archives]     [Virt Tools]     [Libvirt Users]     [Lib OS Info]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Fedora Tools]