Re: [libvirt] [PATCH v2] Fix libvirtd crash possibility

On 09/12/2012 04:44 PM, Martin Kletzander wrote: > When generating RPC protocol messages, it's strictly needed to have > continuousline of numbers or RPC messages. However in case anyone > tries backporting some functionality and will skip a number, there is > a possibility to make the daemon segfault with newer virsh (version of > the library, rpc call, etc.) even unintentionally. > > The problem is that the skipped numbers will get func filled with > NULLs, but there is no check whether these are set before the daemon > tries to run them. This patch very simply enhances one check and fixes > that. > --- > src/rpc/virnetserverprogram.c | 11 +++++++++-- > 1 file changed, 9 insertions(+), 2 deletions(-) Given that this fixes CVE-2012-4423, I have gone and backported it to v0.9.6-maint and v0.9.11-maint. https://bugzilla.redhat.com/show_bug.cgi?id=857135