External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2025-02-01 17:35:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

qemu: avoid leaking uninit data from hotplug to dumpxml

Browse Source 
Detected by Coverity.  Both text and JSON monitors set only the
bus and unit fields, which means driveAddr.controller spends
life as garbage on the stack, and is then memcpy()'d into the
in-memory representation which the user can see via dumpxml.

* src/qemu/qemu_hotplug.c (qemuDomainAttachSCSIDisk): Only copy
defined fields.
This commit is contained in:
Eric Blake 2011-10-21 17:09:17 -06:00
parent 9981fc5828
commit 2c27dfaeb1
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/qemu/qemu_hotplug.c
View File

@ -505,7 +505,8 @@ int qemuDomainAttachSCSIDisk(struct qemud_driver *driver,
/* XXX we should probably validate that the addr matches
* our existing defined addr instead of overwriting */
disk->info.type = VIR_DOMAIN_DEVICE_ADDRESS_TYPE_DRIVE;
memcpy(&disk->info.addr.drive, &driveAddr, sizeof(driveAddr));
disk->info.addr.drive.bus = driveAddr.bus;
disk->info.addr.drive.unit = driveAddr.unit;
}
}
qemuDomainObjExitMonitorWithDriver(driver, vm);