8:20 a.m.
As promised, a patch to protect the 80-character "device id" buffer from
overflow by the unbounded "device=" XML attribute. Before, a large
"device" attribute gave a stack overflow error; now it merely results in
an obscure (but non-fatal) xend error like so:
libvir: Xen Daemon error : POST operation failed: (xend.err "invalid
literal for int() with base 10:
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'")
(the long string of "x"es was my way of overflowing the buffer).
Please ACK...
--Hugh
--
Red Hat Virtualization Group http://redhat.com/virtualization
Hugh Brock | virt-manager http://virt-manager.org
hbrock(a)redhat.com | virtualization library http://libvirt.org
8:46 a.m.
Hugh Brock wrote:
As promised, a patch to protect the 80-character "device
id" buffer from
overflow by the unbounded "device=" XML attribute. Before, a large
"device" attribute gave a stack overflow error; now it merely results in
an obscure (but non-fatal) xend error like so:
libvir: Xen Daemon error : POST operation failed: (xend.err "invalid
literal for int() with base 10:
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'")
(the long string of "x"es was my way of overflowing the buffer).
Please ACK...
+1
Rich.
--
Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/
Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod
Street, Windsor, Berkshire, SL4 1TE, United Kingdom. Registered in
England and Wales under Company Registration No. 03798903
8:39 a.m.
Richard W.M. Jones wrote:
Hugh Brock wrote:
> As promised, a patch to protect the 80-character "device id" buffer
> from overflow by the unbounded "device=" XML attribute. Before, a
> large "device" attribute gave a stack overflow error; now it merely
> results in an obscure (but non-fatal) xend error like so:
>
>
> libvir: Xen Daemon error : POST operation failed: (xend.err "invalid
> literal for int() with base 10:
>
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'")
>
>
> (the long string of "x"es was my way of overflowing the buffer).
>
> Please ACK...
+1
Rich.
If someone could commit this please I would greatly appreciate it...
thanks,
--Hugh
--
Red Hat Virtualization Group http://redhat.com/virtualization
Hugh Brock | virt-manager http://virt-manager.org
hbrock(a)redhat.com | virtualization library http://libvirt.org
10:37 a.m.
Hugh Brock wrote:
Richard W.M. Jones wrote:
> Hugh Brock wrote:
>> As promised, a patch to protect the 80-character "device id" buffer
>> from overflow by the unbounded "device=" XML attribute. Before, a
>> large "device" attribute gave a stack overflow error; now it merely
>> results in an obscure (but non-fatal) xend error like so:
>>
>>
>> libvir: Xen Daemon error : POST operation failed: (xend.err "invalid
>> literal for int() with base 10:
>>
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'")
>>
>>
>> (the long string of "x"es was my way of overflowing the buffer).
>>
>> Please ACK...
>
> +1
>
> Rich.
>
If someone could commit this please I would greatly appreciate it...
thanks,
--Hugh
Done.
Rich.
--
Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/
Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod
Street, Windsor, Berkshire, SL4 1TE, United Kingdom. Registered in
England and Wales under Company Registration No. 03798903
6281
days inactive
6282
days old
3 comments
2 participants
participants (2)
-
Hugh Brock -
Richard W.M. Jones