On 09/19/2012 07:49 PM, Eric Blake wrote:
> On 09/12/2012 04:44 PM, Martin Kletzander wrote:
>> When generating RPC protocol messages, it's strictly needed to have
>> continuous line of numbers or RPC messages. However in case anyone
>> tries backporting some functionality and will skip a number, there is
>> a possibility to make the daemon segfault with newer virsh (version of
>> the library, rpc call, etc.) even unintentionally.
>>
>> The problem is that the skipped numbers will get func filled with
>> NULLs, but there is no check whether these are set before the daemon
>> tries to run them. This patch very simply enhances one check and fixes
>> that.
>> ---
>> src/rpc/virnetserverprogram.c | 11 +++++++++--
>> 1 file changed, 9 insertions(+), 2 deletions(-)
>
> Given that this fixes CVE-2012-4423, I have gone and backported it to
> v0.9.6-maint and v0.9.11-maint.
> https://bugzilla.redhat.com/show_bug.cgi?id=857135
>

Oh, I thought that has to wait for Cole. Thanks very much for that.

Martin

--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
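
The failure mode described in the quoted commit message, as an added example that is not part of the thread and is not libvirt's code: a dispatch table with a skipped procedure number has a zero-filled gap, so a range check alone still returns an entry whose handler is NULL. All type, function and procedure names below are hypothetical, and the table is constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical types and names for illustration; not libvirt's structures. */
typedef int (*rpc_handler)(const char *arg);
struct rpc_proc {
    rpc_handler func;   /* NULL for any procedure number that was skipped */
    const char *name;
};

static int do_open(const char *arg)  { (void)arg; return 0; }
static int do_close(const char *arg) { (void)arg; return 0; }
static int do_list(const char *arg)  { (void)arg; return 0; }

/* Constructed table: number 3 is skipped, as after a partial backport.
 * Designated initializers zero-fill the gap, so procs[3].func == NULL. */
static const struct rpc_proc procs[] = {
    [1] = { do_open,  "open"  },
    [2] = { do_close, "close" },
    [4] = { do_list,  "list"  },
};
#define NPROCS (sizeof(procs) / sizeof(procs[0]))

/* Range check alone: returns the gap entry, whose func is NULL. */
static const struct rpc_proc *lookup_range_only(unsigned int num)
{
    return num < NPROCS ? &procs[num] : NULL;
}

/* Range check plus handler check: gap entries count as unknown. */
static const struct rpc_proc *lookup_checked(unsigned int num)
{
    if (num >= NPROCS || procs[num].func == NULL)
        return NULL;
    return &procs[num];
}

/* Dispatch that rejects unknown procedures instead of calling through NULL. */
static int dispatch(unsigned int num, const char *arg)
{
    const struct rpc_proc *p = lookup_checked(num);
    return p ? p->func(arg) : -1;   /* -1: report "unknown procedure" */
}

int main(void)
{
    printf("proc 3: range-only func is %s, dispatch returns %d\n",
           lookup_range_only(3)->func ? "set" : "NULL", dispatch(3, ""));
    return 0;
}
```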