Re: [libvirt] [PATCH 2/2] remote: protect against integer overflow
2011/6/24 Eric Blake <eblake(a)redhat.com>:
Integer overflow and remote code are never a nice mix.
This has existed since commit 56cd414.
* src/libvirt.c (virDomainGetVcpus): Reject overflow up front.
* src/remote/remote_driver.c (remoteDomainGetVcpus): Avoid overflow
on sending rpc.
* daemon/remote.c (remoteDispatchDomainGetVcpus): Avoid overflow on
receiving rpc.
---
Gnulib makes checking for multiply overflow easy.
daemon/remote.c | 4 +++-
src/libvirt.c | 5 +++--
src/remote/remote_driver.c | 4 +++-
3 files changed, 9 insertions(+), 4 deletions(-)
diff --git a/daemon/remote.c b/daemon/remote.c
index 48624d6..8d04fc7 100644
--- a/daemon/remote.c
+++ b/daemon/remote.c
@@ -61,6 +61,7 @@
#include "network.h"
#include "libvirt/libvirt-qemu.h"
#include "command.h"
+#include "intprops.h"
I see this file in ./gnulib/lib but intprops is not listed in
bootstrap.conf, so it's probably pulled in as a dependency for another
module. But it doesn't hurt to be explicit and list it in
bootstrap.conf.
ACK, with that fixed.
--
Matthias Bolte
http://photron.blogspot.com