On Mon, Nov 24, 2025 at 11:19:48 +0000, Daniel P. Berrangé via Devel wrote:
From: Daniel P. Berrangé <berrange@redhat.com>
The main stream I/O functions have a design flaw in that they accept 'size_t' as the input data length, while intending to return the amount actually processed in an 'int'.
Fortunately all functions explicitly document that less data may be processed than requested, and with the remote driver data cap we will never get anywhere near exceeding an 'int' even on 32-bit.
For sanity, however, lets explicitly cap the data size in the public API to fix the design flaw.
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> --- src/libvirt-stream.c | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+)
Reviewed-by: Peter Krempa <pkrempa@redhat.com>