+-- On Wed, 29 May 2019, Marc-André Lureau wrote --+
| The error is handled before guest_exec_get_args(), isn't it?
Yes, which is okay I think.
| The qga commands are only called through QMP, afaik.
I see, cool! Thanks much for the confirmation.
Thank you.
--
Prasad J Pandit / Red Hat Product
Hi
On Wed, May 29, 2019 at 4:35 PM P J P wrote:
>
> +-- On Wed, 29 May 2019, Marc-André Lureau wrote --+
> | assert() is good if it's a programming error: that is if it should never
> | happen at run-time. It's a decent way to document the code.
>
> True; But terminating server because a user s
+-- On Wed, 29 May 2019, Marc-André Lureau wrote --+
| assert() is good if it's a programming error: that is if it should never
| happen at run-time. It's a decent way to document the code.
True; But terminating server because a user sent more input parameters does
not sound good.
{"error":
Hi
On Wed, May 29, 2019 at 11:38 AM P J P wrote:
>
> Hello Marc,
>
> +-- On Thu, 23 May 2019, Marc-André Lureau wrote --+
> | I don't see how you could exploit this today.
> |
> | QMP parser has MAX_TOKEN_COUNT (2ULL << 20).
>
> I see, didn't realise that. I tried to reproduce it and
>
>{"e
Hello Marc,
+-- On Thu, 23 May 2019, Marc-André Lureau wrote --+
| I don't see how you could exploit this today.
|
| QMP parser has MAX_TOKEN_COUNT (2ULL << 20).
I see, didn't realise that. I tried to reproduce it and
{"error": {"class": "GenericError", "desc": "JSON token count limit
exc
Hi
On Thu, May 23, 2019 at 9:54 AM P J P wrote:
>
> +-- On Wed, 22 May 2019, Marc-André Lureau wrote --+
> | On Sun, May 19, 2019 at 10:55 AM P J P wrote:
> | > Qemu guest agent while executing user commands does not seem to
> | > check length of argument list and/or environment variables passed
+-- On Wed, 22 May 2019, Marc-André Lureau wrote --+
| On Sun, May 19, 2019 at 10:55 AM P J P wrote:
| > Qemu guest agent while executing user commands does not seem to
| > check length of argument list and/or environment variables passed.
| > It may lead to integer overflow or infinite loop issu
Hi
On Sun, May 19, 2019 at 10:55 AM P J P wrote:
>
> From: Prasad J Pandit
>
> Qemu guest agent while executing user commands does not seem to
> check length of argument list and/or environment variables passed.
> It may lead to integer overflow or infinite loop issues. Add check
> to avoid it.
On 5/19/19 5:48 AM, P J P wrote:
From: Prasad J Pandit
Qemu guest agent while executing user commands does not seem to
check length of argument list and/or environment variables passed.
It may lead to integer overflow or infinite loop issues. Add check
to avoid it.
Reported-by: Niu Guoxiang
From: Prasad J Pandit
Qemu guest agent while executing user commands does not seem to
check length of argument list and/or environment variables passed.
It may lead to integer overflow or infinite loop issues. Add check
to avoid it.
Reported-by: Niu Guoxiang
Signed-off-by: Prasad J Pandit
---
10 matches
Mail list logo