On 12/03/2010 05:03 PM, Eric Blake wrote:
* src/util/util.c (__virExec): Don't use FD_ISSET on out-of-bounds fd. --- Noticed this one by inspection, while investigating https://bugzilla.redhat.com/show_bug.cgi?id=659855 Don't know if it's the root cause of the crash in that bug, though. src/util/util.c | 3 +-- 1 files changed, 1 insertions(+), 2 deletions(-) diff --git a/src/util/util.c b/src/util/util.c index 79ca5d3..1b5bc68 100644 --- a/src/util/util.c +++ b/src/util/util.c @@ -570,8 +570,7 @@ __virExec(const char *const*argv, i != null&& i != childout&& i != childerr&& - (!keepfd || - !FD_ISSET(i, keepfd))) { + (!keepfd || (i< FD_SETSIZE&& !FD_ISSET(i, keepfd)))) { tmpfd = i; VIR_FORCE_CLOSE(tmpfd); }
ACK. Definitely this could be bad news if OPEN_MAX > FD_SETSIZE, and even if that's not possible, it doesn't hurt to check anyway.
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list