[PATCH] Fix memory corruption in Virt_VSMigrationService
# HG changeset patch # User Jim Fehlig <jfehlig@novell.com> # Date 1217630619 21600 # Node ID dc93425ad702b45d013a53d6e237066201207999 # Parent dbdf9a5fce21e33d23d280e48bae1912fd5f3a0d Fix memory corruption in Virt_VSMigrationService According to uuid_unparse(3), the out param needs to accommodate 37 bytes. This patch expands the uuid field of migration_job structure to 37 bytes. Signed-off-by: Jim Fehlig <jfehlig@novell.com> diff -r dbdf9a5fce21 -r dc93425ad702 src/Virt_VSMigrationService.c --- a/src/Virt_VSMigrationService.c Thu Jul 31 07:20:19 2008 -0700 +++ b/src/Virt_VSMigrationService.c Fri Aug 01 16:43:39 2008 -0600 @@ -78,7 +78,7 @@ struct migration_job { char *ref_ns; char *host; uint16_t type; - char uuid[33]; + char uuid[37]; }; static CMPIStatus get_msd(const CMPIObjectPath *ref,
JF> According to uuid_unparse(3), the out param needs to accommodate JF> 37 bytes. This patch expands the uuid field of migration_job JF> structure to 37 bytes. Good call. However, in other places, we use the libvirt-defined symbol VIR_UUID_STRING_BUFLEN for this, which I think it probably more appropriate. In checking on this, I found another spot with the same incorrect magic number. I'll cook up a patch to fix both. Thanks! -- Dan Smith IBM Linux Technology Center Open Hypervisor Team email: danms@us.ibm.com
participants (2)
-
Dan Smith -
Jim Fehlig