qemu-devel

Re: [Qemu-devel] [PATCH] qstring: Fix integer overflow


From: Eric Blake
Subject: Re: [Qemu-devel] [PATCH] qstring: Fix integer overflow
Date: Mon, 23 Jul 2018 09:52:17 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0

On 07/20/2018 08:09 AM, liujunjie wrote:
> From: l00425170 <address@hidden>
>
> The incoming parameters "start" and "end" are int type in
> qstring_from_substr(), but this function can be called by
> qstring_from_str, which is size_t type in strlen(str).
> It may result in coredump when calling g_malloc later.
> One scene to trigger is to call hmp "into tlb", which may have
> too long length of string.
>
> Signed-off-by: l00425170 <address@hidden>

Using what looks like a username for your Author and S-o-b designation rather than a legal name is fishy. If 'l00425170' is really an alias that you have frequently used in other open source projects, it might be okay (and if so, you could back it up by pointing us to a URL of such contributions to other projects). But in general, it's better to own your patches with your real name (git supports UTF-8, if you would like your name to appear in native characters instead of or in addition to a Latin-ized form).

--
Eric Blake, Principal Software Engineer
Red Hat, Inc.           +1-919-301-3266
Virtualization:  qemu.org | libvirt.org


