On Mon, Jan 11, 2016 at 03:26:23PM -0700, Jim Fehlig wrote:
Commmit fd2e3c4c used the domctl version 8 structure for version 9 in the xen_getdomaininfolist union, resulting in insufficient buffer size (and subsequent memory corruption) for the GETDOMAININFOLIST ioctl.Signed-off-by: Jim Fehlig <jfeh...@suse.com> --- src/xen/xen_hypervisor.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
I cannot test this, but it's kind of obvious. ACK.
diff --git a/src/xen/xen_hypervisor.c b/src/xen/xen_hypervisor.c
index 431c47a..c1834cb 100644
--- a/src/xen/xen_hypervisor.c
+++ b/src/xen/xen_hypervisor.c
@@ -309,7 +309,7 @@ union xen_getdomaininfolist {
struct xen_v2d6_getdomaininfo *v2d6;
struct xen_v2d7_getdomaininfo *v2d7;
struct xen_v2d8_getdomaininfo *v2d8;
- struct xen_v2d8_getdomaininfo *v2d9;
+ struct xen_v2d9_getdomaininfo *v2d9;
};
typedef union xen_getdomaininfolist xen_getdomaininfolist;
--
2.1.4
--
libvir-list mailing list
libvir-list@redhat.com
https://www.redhat.com/mailman/listinfo/libvir-list
signature.asc
Description: PGP signature
-- libvir-list mailing list libvir-list@redhat.com https://www.redhat.com/mailman/listinfo/libvir-list
