Re: [Libvir] [PATCH] properly check buffer size in virDomainXMLDevID

Tuesday, 11 September 2007

Hugh Brock wrote:
...
 As promised, a patch to protect the 80-character "device
id" buffer from 
 overflow by the unbounded "device=" XML attribute. Before, a large 
 "device" attribute gave a stack overflow error; now it merely results in 
 an obscure (but non-fatal) xend error like so:

 libvir: Xen Daemon error : POST operation failed: (xend.err "invalid 
 literal for int() with base 10: 

'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'")

 (the long string of "x"es was my way of overflowing the buffer).

 Please ACK... 
+1

Rich.

-- 
Emerging Technologies, Red Hat - http://et.redhat.com/~rjones/
Registered Address: Red Hat UK Ltd, Amberley Place, 107-111 Peascod
Street, Windsor, Berkshire, SL4 1TE, United Kingdom.  Registered in
England and Wales under Company Registration No. 03798903

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

Re: [Libvir] [PATCH] properly check buffer size in virDomainXMLDevID