On 10/26/23 09:06, Cédric Le Goater wrote:
Hello,
This series fixes a buffer overrun in VFIO. The buffer used in
vfio_realize() by qemu_uuid_unparse() is too small, UUID_FMT_LEN lacks
one byte for the trailing NUL.
Instead of adding + 1, as done elsewhere, the changes introduce a
UUID_STR_LEN define for the correct size and use it where required.
Thanks,
C.
Changes in v2:
- removal of UUID_FMT_LEN
Cédric Le Goater (3):
util/uuid: Add UUID_STR_LEN definition
vfio/pci: Fix buffer overrun when writing the VF token
util/uuid: Remove UUID_FMT_LEN
include/qemu/uuid.h | 2 +-
block/parallels-ext.c | 2 +-
block/vdi.c | 2 +-
hw/core/qdev-properties-system.c | 2 +-
hw/hyperv/vmbus.c | 4 ++--
hw/vfio/pci.c | 2 +-
migration/savevm.c | 4 ++--
tests/unit/test-uuid.c | 2 +-
util/uuid.c | 2 +-
9 files changed, 11 insertions(+), 11 deletions(-)
Reviwed-by: Denis V. Lunev <d...@openvz.org>
