Hello, This series fixes a buffer overrun in VFIO. The buffer used in vfio_realize() by qemu_uuid_unparse() is too small, UUID_FMT_LEN lacks one byte for the trailing NUL.
Instead of adding + 1, as done elsewhere, the changes introduce a UUID_STR_LEN define for the correct size and use it where required. Thanks, C. Changes in v2: - removal of UUID_FMT_LEN Cédric Le Goater (3): util/uuid: Add UUID_STR_LEN definition vfio/pci: Fix buffer overrun when writing the VF token util/uuid: Remove UUID_FMT_LEN include/qemu/uuid.h | 2 +- block/parallels-ext.c | 2 +- block/vdi.c | 2 +- hw/core/qdev-properties-system.c | 2 +- hw/hyperv/vmbus.c | 4 ++-- hw/vfio/pci.c | 2 +- migration/savevm.c | 4 ++-- tests/unit/test-uuid.c | 2 +- util/uuid.c | 2 +- 9 files changed, 11 insertions(+), 11 deletions(-) -- 2.41.0
