mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-01-24 13:35:17 +00:00
986900a5af
virNetSASLSessionClientStep logs the data that is going to be passed to sasl_client_step as input data. However, it tries to log it as a string, while there is no guarantee that this data is going to be nul-terminated. This leads to this valgrind log: ==20938== Invalid read of size 1 ==20938== at 0x8BDB08F: vfprintf (vfprintf.c:1635) ==20938== by 0x8C06DF2: vasprintf (vasprintf.c:62) ==20938== by 0x4CCEDF9: virVasprintfInternal (virstring.c:337) ==20938== by 0x4CA9516: virLogVMessage (virlog.c:842) ==20938== by 0x4CA939A: virLogMessage (virlog.c:778) ==20938== by 0x4E21E0D: virNetSASLSessionClientStep (virnetsaslcontext.c:458) ==20938== by 0x4DE47B8: remoteAuthSASL (remote_driver.c:4136) ==20938== by 0x4DE33AE: remoteAuthenticate (remote_driver.c:3635) ==20938== by 0x4DDBFAA: doRemoteOpen (remote_driver.c:832) ==20938== by 0x4DDC8BA: remoteConnectOpen (remote_driver.c:1027) ==20938== by 0x4D8595F: do_open (libvirt.c:1239) ==20938== by 0x4D863F3: virConnectOpenAuth (libvirt.c:1481) ==20938== by 0x12762B: vshReconnect (virsh.c:337) ==20938== by 0x12C9B0: vshInit (virsh.c:2470) ==20938== by 0x12E9A5: main (virsh.c:3338) ==20938== Address 0xe329ccd is 0 bytes after a block of size 141 alloc'd ==20938== at 0x4A081D4: calloc (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) ==20938== by 0x8CB91B4: xdr_array (xdr_array.c:94) ==20938== by 0x4E039C2: xdr_remote_auth_sasl_start_ret (remote_protocol.c:3134) ==20938== by 0x4E1F8AA: virNetMessageDecodePayload (virnetmessage.c:405) ==20938== by 0x4E119F5: virNetClientProgramCall (virnetclientprogram.c:377) ==20938== by 0x4DF8141: callFull (remote_driver.c:5794) ==20938== by 0x4DF821A: call (remote_driver.c:5816) ==20938== by 0x4DE46CF: remoteAuthSASL (remote_driver.c:4112) ==20938== by 0x4DE33AE: remoteAuthenticate (remote_driver.c:3635) ==20938== by 0x4DDBFAA: doRemoteOpen (remote_driver.c:832) ==20938== by 0x4DDC8BA: remoteConnectOpen (remote_driver.c:1027) ==20938== by 0x4D8595F: do_open (libvirt.c:1239) ==20938== by 0x4D863F3: virConnectOpenAuth (libvirt.c:1481) ==20938== by 0x12762B: vshReconnect (virsh.c:337) ==20938== by 0x12C9B0: vshInit (virsh.c:2470) ==20938== by 0x12E9A5: main (virsh.c:3338)
LibVirt : simple API for virtualization
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). It is free software
available under the GNU Lesser General Public License. Virtualization of
the Linux Operating System means the ability to run multiple instances of
Operating Systems concurrently on a single hardware system where the basic
resources are driven by a Linux instance. The library aim at providing
long term stable C API initially for the Xen paravirtualization but
should be able to integrate other virtualization mechanisms if needed.
Daniel Veillard <veillard@redhat.com>