7:31 a.m.
Peter Krempa (2):
conf: Don't overwrite KVM feature config struct if the feature is
present twicea
virconf: Fix numeric overflow when parsing numbers in conf files
src/conf/domain_conf.c | 15 ++++++++-------
src/util/virconf.c | 6 ++++++
2 files changed, 14 insertions(+), 7 deletions(-)
--
2.46.0
7:31 a.m.
New subject: [PATCH 1/2] conf: Don't overwrite KVM feature config struct if the feature is present twicea
Don't allocate the struct if it exists already. This sidesteps the
discussion about whether forbidding multiple feature definitions makes
sense.
Fixes: a8e0f9c682143c63897de5c379d3ac3791c51970
Closes: https://gitlab.com/libvirt/libvirt/-/issues/670
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/conf/domain_conf.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
diff --git a/src/conf/domain_conf.c b/src/conf/domain_conf.c
index 5f0b35be5e..a263612ef7 100644
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@@ -16657,10 +16657,12 @@ static int
virDomainFeaturesKVMDefParse(virDomainDef *def,
xmlNodePtr node)
{
- g_autofree virDomainFeatureKVM *kvm = g_new0(virDomainFeatureKVM, 1);
g_autoptr(GPtrArray) feats = virXMLNodeGetSubelementList(node, NULL);
size_t i;
+ if (!def->kvm_features)
+ def->kvm_features = g_new0(virDomainFeatureKVM, 1);
+
for (i = 0; i < feats->len; i++) {
xmlNodePtr feat = g_ptr_array_index(feats, i);
int feature;
@@ -16678,20 +16680,20 @@ virDomainFeaturesKVMDefParse(virDomainDef *def,
&value) < 0)
return -1;
- kvm->features[feature] = value;
+ def->kvm_features->features[feature] = value;
/* dirty ring feature should parse size property */
if (feature == VIR_DOMAIN_KVM_DIRTY_RING &&
value == VIR_TRISTATE_SWITCH_ON) {
if (virXMLPropUInt(feat, "size", 0, VIR_XML_PROP_REQUIRED,
- &kvm->dirty_ring_size) < 0) {
+ &def->kvm_features->dirty_ring_size) < 0) {
return -1;
}
- if (!VIR_IS_POW2(kvm->dirty_ring_size) ||
- kvm->dirty_ring_size < 1024 ||
- kvm->dirty_ring_size > 65536) {
+ if (!VIR_IS_POW2(def->kvm_features->dirty_ring_size) ||
+ def->kvm_features->dirty_ring_size < 1024 ||
+ def->kvm_features->dirty_ring_size > 65536) {
virReportError(VIR_ERR_XML_ERROR, "%s",
_("dirty ring must be power of 2 and ranges [1024,
65536]"));
@@ -16701,7 +16703,6 @@ virDomainFeaturesKVMDefParse(virDomainDef *def,
}
def->features[VIR_DOMAIN_FEATURE_KVM] = VIR_TRISTATE_SWITCH_ON;
- def->kvm_features = g_steal_pointer(&kvm);
return 0;
}
--
2.46.0
8:41 a.m.
New subject: [PATCH 1/2] conf: Don't overwrite KVM feature config struct if
the feature is present twicea
On 9/6/24 14:31, Peter Krempa wrote:
Don't allocate the struct if it exists already. This sidesteps
the
discussion about whether forbidding multiple feature definitions makes
sense.
Fixes: a8e0f9c682143c63897de5c379d3ac3791c51970
Closes: https://gitlab.com/libvirt/libvirt/-/issues/670
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/conf/domain_conf.c | 15 ++++++++-------
1 file changed, 8 insertions(+), 7 deletions(-)
s/twicea/twice/ in $SUBJ.
Michal
7:31 a.m.
New subject: [PATCH 2/2] virconf: Fix numeric overflow when parsing numbers in conf files
The number is parsed manually without making sure it'll fit.
Fixes: 3bbac7cdb67
Closes: https://gitlab.com/libvirt/libvirt/-/issues/671
Signed-off-by: Peter Krempa <pkrempa(a)redhat.com>
---
src/util/virconf.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/util/virconf.c b/src/util/virconf.c
index 8fdf40e9d0..da07af178d 100644
--- a/src/util/virconf.c
+++ b/src/util/virconf.c
@@ -347,6 +347,12 @@ virConfParseLong(virConfParserCtxt *ctxt, long long *val)
return -1;
}
while ((ctxt->cur < ctxt->end) && (g_ascii_isdigit(CUR))) {
+ if (l > LLONG_MAX / 10) {
+ virConfError(ctxt, VIR_ERR_OVERFLOW,
+ _("numeric overflow in conf value"));
+ return -1;
+ }
+
l = l * 10 + (CUR - '0');
NEXT;
}
--
2.46.0
8:41 a.m.
On 9/6/24 14:31, Peter Krempa wrote:
Peter Krempa (2):
conf: Don't overwrite KVM feature config struct if the feature is
present twicea
virconf: Fix numeric overflow when parsing numbers in conf files
src/conf/domain_conf.c | 15 ++++++++-------
src/util/virconf.c | 6 ++++++
2 files changed, 14 insertions(+), 7 deletions(-)
Reviewed-by: Michal Privoznik <mprivozn(a)redhat.com>
Michal
69
days inactive
69
days old
4 comments
2 participants
participants (2)
-
Michal Prívozník -
Peter Krempa