qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
* [Qemu-devel] [PATCH] qemu-img: Fix segfault during rebase
@ 2010-02-17 11:32 Kevin Wolf
  2010-02-19 22:01 ` Anthony Liguori
  0 siblings, 1 reply; 2+ messages in thread
From: Kevin Wolf @ 2010-02-17 11:32 UTC (permalink / raw)
  To: qemu-devel; +Cc: kwolf

This fixes a possible read beyond the end of the temporary buffers used for
comparing data in the old and the new backing file.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
 qemu-img.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/qemu-img.c b/qemu-img.c
index 250d892..258dc62 100644
--- a/qemu-img.c
+++ b/qemu-img.c
@@ -1225,7 +1225,7 @@ static int img_rebase(int argc, char **argv)
                 int pnum;
 
                 if (compare_sectors(buf_old + written * 512,
-                    buf_new + written * 512, n, &pnum))
+                    buf_new + written * 512, n - written, &pnum))
                 {
                     ret = bdrv_write(bs, sector + written,
                         buf_old + written * 512, pnum);
-- 
1.6.6

^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-02-19 22:01 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-02-17 11:32 [Qemu-devel] [PATCH] qemu-img: Fix segfault during rebase Kevin Wolf
2010-02-19 22:01 ` Anthony Liguori

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).