NuKVM/libvirt
3
0
Fork 0
mirror of https://github.com/libvirt/libvirt.git synced 2025-02-25 18:55:26 -06:00
Code Issues Packages Projects Releases Wiki Activity

buf: protect against integer overflow

Browse Source 
It's unlikely that we'll ever want to escape a string as long as
INT_MAX/6, but adding this check can't hurt.

* src/util/buf.c (virBufferEscapeSexpr, virBufferEscapeString):
Check for (unlikely) overflow.
This commit is contained in:
Eric Blake
2011-06-24 14:04:04 -06:00
parent 774b21c163
commit 4a27eb1398
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/util/buf.c
View File

@@ -311,7 +311,8 @@ virBufferEscapeString(const virBufferPtr buf, const char *format, const char *st
return;
}
if (VIR_ALLOC_N(escaped, 6 * len + 1) < 0) {
if (xalloc_oversized(6, len) ||
VIR_ALLOC_N(escaped, 6 * len + 1) < 0) {
virBufferSetError(buf);
return;
}
@@ -398,7 +399,8 @@ virBufferEscapeSexpr(const virBufferPtr buf,
return;
}
if (VIR_ALLOC_N(escaped, 2 * len + 1) < 0) {
if (xalloc_oversized(2, len) ||
VIR_ALLOC_N(escaped, 2 * len + 1) < 0) {
virBufferSetError(buf);
return;
}