Re: [PATCH 03/28] qapi: Replace g_memdup() by g_memdup2

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 03/28] qapi: Replace g_memdup() by g_memdup2_qemu()

From:	Daniel P . Berrangé
Subject:	Re: [PATCH 03/28] qapi: Replace g_memdup() by g_memdup2_qemu()
Date:	Fri, 3 Sep 2021 12:18:16 +0100
User-agent:	Mutt/2.0.7 (2021-05-04)

On Fri, Sep 03, 2021 at 01:06:37PM +0200, Philippe Mathieu-Daudé wrote:
> Per 
> https://discourse.gnome.org/t/port-your-module-from-g-memdup-to-g-memdup2-now/5538
> 
>   The old API took the size of the memory to duplicate as a guint,
>   whereas most memory functions take memory sizes as a gsize. This
>   made it easy to accidentally pass a gsize to g_memdup(). For large
>   values, that would lead to a silent truncation of the size from 64
>   to 32 bits, and result in a heap area being returned which is
>   significantly smaller than what the caller expects. This can likely
>   be exploited in various modules to cause a heap buffer overflow.
> 
> Replace g_memdup() by the safer g_memdup2_qemu() wrapper.

This and all following patches should directly use "g_memdup2"
rather than the wrapper which is supposed to remain "secret"
in the glib-compat.h header.


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 00/28] glib: Replace g_memdup() by g_memdup2_qemu(), Philippe Mathieu-Daudé, 2021/09/03
- [PATCH 01/28] hw/hyperv/vmbus: Remove unused vmbus_load/save_req(), Philippe Mathieu-Daudé, 2021/09/03
- [PATCH 02/28] glib-compat: Introduce g_memdup2() wrapper, Philippe Mathieu-Daudé, 2021/09/03
  - Re: [PATCH 02/28] glib-compat: Introduce g_memdup2() wrapper, Daniel P . Berrangé, 2021/09/03
    - Re: [PATCH 02/28] glib-compat: Introduce g_memdup2() wrapper, Vladimir Sementsov-Ogievskiy, 2021/09/03
    - Re: [PATCH 02/28] glib-compat: Introduce g_memdup2() wrapper, Daniel P . Berrangé, 2021/09/03
    - Re: [PATCH 02/28] glib-compat: Introduce g_memdup2() wrapper, Vladimir Sementsov-Ogievskiy, 2021/09/03
    - Re: [PATCH 02/28] glib-compat: Introduce g_memdup2() wrapper, Philippe Mathieu-Daudé, 2021/09/03
- [PATCH 03/28] qapi: Replace g_memdup() by g_memdup2_qemu(), Philippe Mathieu-Daudé, 2021/09/03
  - Re: [PATCH 03/28] qapi: Replace g_memdup() by g_memdup2_qemu(), Daniel P . Berrangé <=
    - Re: [PATCH 03/28] qapi: Replace g_memdup() by g_memdup2_qemu(), Philippe Mathieu-Daudé, 2021/09/03
- [PATCH 04/28] accel/tcg: Replace g_memdup() by g_memdup2_qemu(), Philippe Mathieu-Daudé, 2021/09/03
- [PATCH 05/28] block/qcow2-bitmap: Replace g_memdup() by g_memdup2_qemu(), Philippe Mathieu-Daudé, 2021/09/03
- [PATCH 06/28] softmmu: Replace g_memdup() by g_memdup2_qemu(), Philippe Mathieu-Daudé, 2021/09/03
- [PATCH 07/28] hw/9pfs: Replace g_memdup() by g_memdup2_qemu(), Philippe Mathieu-Daudé, 2021/09/03
- [PATCH 08/28] hw/acpi: Avoid truncating acpi_data_len() to 32-bit, Philippe Mathieu-Daudé, 2021/09/03
  - Re: [PATCH 08/28] hw/acpi: Avoid truncating acpi_data_len() to 32-bit, Igor Mammedov, 2021/09/08
- [PATCH 09/28] hw/acpi: Replace g_memdup() by g_memdup2_qemu(), Philippe Mathieu-Daudé, 2021/09/03
  - Re: [PATCH 09/28] hw/acpi: Replace g_memdup() by g_memdup2_qemu(), Igor Mammedov, 2021/09/08
- [PATCH 10/28] hw/core/machine: Replace g_memdup() by g_memdup2_qemu(), Philippe Mathieu-Daudé, 2021/09/03

Prev by Date: Re: [PATCH 02/28] glib-compat: Introduce g_memdup2() wrapper
Next by Date: [PATCH 13/28] hw/net/eepro100: Replace g_memdup() by g_memdup2_qemu()
Previous by thread: [PATCH 03/28] qapi: Replace g_memdup() by g_memdup2_qemu()
Next by thread: Re: [PATCH 03/28] qapi: Replace g_memdup() by g_memdup2_qemu()
Index(es):
- Date
- Thread