On 18.06.2013 18:59, Laine Stump wrote:
> This fixes the problem reported in:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=972690
>
> When checking for a collision of a new libvirt network's subnet with
> any existing routes, we read all of /proc/net/route into memory, then
> parse all the entries. The function that we use to read this file
> requires a "maximum length" parameter, which had previously been set
> to 64*1024. As each line in /proc/net/route is 128 bytes, this would
> allow for a maximum of 512 entries in the routing table.
>
> This patch increases that number to 128 * 100000, which allows for
> 100,000 routing table entries. This means that it's possible that 12MB
> would be allocated, but that would only happen if there really were
> 100,000 route table entries on the system, it's only held for a very
> short time.
>
> Since there is no method of specifying an unlimited max (and that
> would create a potential denial of service anyway) hopefully this
> limit is large enough to accommodate everyone.
> ---
> src/network/bridge_driver.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/src/network/bridge_driver.c b/src/network/bridge_driver.c > index d5886fe..f7c2470 100644 > --- a/src/network/bridge_driver.c > +++ b/src/network/bridge_driver.c > @@ -2305,7 +2305,8 @@ networkCheckRouteCollision(virNetworkObjPtr network) > { > int ret = 0, len; > char *cur, *buf = NULL; > - enum {MAX_ROUTE_SIZE = 1024*64}; > + /* allow for up to 100000 routes (each line is 128 bytes) */ > + enum {MAX_ROUTE_SIZE = 128*100000}; > > /* Read whole routing table into memory */ > if ((len = virFileReadAll(PROC_NET_ROUTE, MAX_ROUTE_SIZE, &buf)) < 0) >

ACK

Michal
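
Review bot: In the changed enum in networkCheckRouteCollision(), MAX_ROUTE_SIZE is still a hard ceiling, so a host whose /proc/net/route is larger than 128*100000 bytes reaches the same `virFileReadAll(PROC_NET_ROUTE, MAX_ROUTE_SIZE, &buf)) < 0` branch that the 64 KiB limit used to trigger. The hunk does not show what that branch does, so it is worth confirming that exceeding the cap is reported as such (distinct from a read error) and that the caller's behaviour in that case is the intended one. The new comment would also be easier to audit if the per-line size and the route count were separate named constants rather than the literal `128*100000`, which makes the roughly 12.8 MB worst-case allocation visible at the call site. Parsing the file line by line instead of reading it whole would remove the need to pick a cap at all.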