Re: [libvirt] [PATCH] buf: protect against integer overflow
On 06/24/2011 02:27 PM, Matthias Bolte wrote:
2011/6/24 Eric Blake <eblake(a)redhat.com>:
> It's unlikely that we'll ever want to escape a string as long as
> INT_MAX/6, but adding this check can't hurt.
>
> * src/util/buf.c (virBufferEscapeSexpr, virBufferEscapeString):
> Check for (unlikely) overflow.
> ---
> src/util/buf.c | 6 ++++--
> 1 files changed, 4 insertions(+), 2 deletions(-)
ACK.
Thanks; pushed.
There are remaining instances of 'ALLOC.* \* ' in the tree, but they all
appear to be safe (both quantities can be verified to be small enough
that the product will never overflow, in part because of the up-front
filtering I just did for virDomainGetVcpus).
--
Eric Blake eblake(a)redhat.com +1-801-349-2682
Libvirt virtualization library http://libvirt.org
Attachments:
- signature.asc (application/pgp-signature — 619 bytes)