On Wed, Aug 15, 2012 at 9:56 AM, Yonit Halperin <yhalperi@xxxxxxxxxx> wrote: > SpiceMsgWaitForChannels is not packed. Comparing the original > msg size to SpiceMsgWaitForChannels is wrong. > --- > gtk/channel-base.c | 3 --- > 1 files changed, 0 insertions(+), 3 deletions(-) > > diff --git a/gtk/channel-base.c b/gtk/channel-base.c > index cc4d242..2968f42 100644 > --- a/gtk/channel-base.c > +++ b/gtk/channel-base.c > @@ -120,9 +120,6 @@ void spice_channel_handle_wait_for_channels(SpiceChannel *channel, SpiceMsgIn *i > SpiceMsgWaitForChannels *wfc = spice_msg_in_parsed(in); > int i; > > - g_return_if_fail(spice_header_get_msg_size(in->header, channel->priv->use_mini_header) >= > - sizeof(*wfc) + wfc->wait_count * sizeof(wfc->wait_list[0])); > - I think I got your point, but it would be even better if you had a stacktrace or a case where this check is actually invalid. Imho, >= should still be true, even if the packing is different. -- Marc-André Lureau _______________________________________________ Spice-devel mailing list Spice-devel@xxxxxxxxxxxxxxxxxxxxx http://lists.freedesktop.org/mailman/listinfo/spice-devel