|
From: | Anthony Liguori |
Subject: | Re: [Qemu-devel] Use of PATH_MAX |
Date: | Fri, 16 May 2008 09:35:17 -0500 |
User-agent: | Thunderbird 2.0.0.14 (X11/20080505) |
Warner Losh wrote:
From: Anthony Liguori <address@hidden> Subject: Re: [Qemu-devel] Use of PATH_MAX Date: Fri, 16 May 2008 09:00:39 -0500 As is the use of dynamic buffers. If you don't always test system call return value, you can get odd new failures. If you don't provide a sane upper bound, then you get DoS attacks...
Guests don't provide filenames so no, there is no DoS attack. As long as you handle allocation failures gracefully, it's fine.
The problem with static buffers is that we silently truncate filenames. At best, this means something that should work, won't. At worst, this means that instead of opening the file you meant to open, you'll open a file that you didn't mean to open and overwrite the data.
Regards, Anthony Liguori
Warner
[Prev in Thread] | Current Thread | [Next in Thread] |