Re: [libvirt] [PATCHv2 2/2] openvz: avoid potential buffer overflow

2010/12/7 Eric Blake <eblake(a)redhat.com&gt;: > * src/openvz/openvz_conf.c (openvzLoadDomains): Replace unsafe > sscanf with safe direct parsing. > (openvzGetVEID): Avoid lost integer overflow detection. > (openvzAssignUUIDs): Likewise, and detect readdir failure. > --- > > v2: new patch; plugs a potential security hole, since > *scanf("%s",fixed_width_buffer) is exploitable, but the > exploit could only happen if /usr/sbin/vzlist is compromised. > > src/openvz/openvz_conf.c | 39 +++++++++++++++++++++++++-------------- > 1 files changed, 25 insertions(+), 14 deletions(-) > ACK.