motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2025-12-11 16:00:50 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

ivshmem-server: fix possible OVERRUN

Browse source 
>>>     CID 1337991:  Memory - illegal accesses  (OVERRUN)
>>>     Decrementing "i". The value of "i" is now 65534.
218         while (i--) {
219             event_notifier_cleanup(&peer->vectors[i]);
220         }

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
This commit is contained in:
Gonglei 2015-11-02 09:13:48 +08:00 committed by Michael Tokarev
parent 6268520d7d
commit 258133bda9
1 changed files with 3 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

4
contrib/ivshmem-server/ivshmem-server.c
View file

@ -168,7 +168,9 @@ ivshmem_server_handle_new_conn(IvshmemServer *server)
}
if (i == G_MAXUINT16) {
IVSHMEM_SERVER_DEBUG(server, "cannot allocate new client id\n");
goto fail;
close(newfd);
g_free(peer);
return -1;
}
peer->id = server->cur_id++;