qga-win: prevent crash when executing guest-file-read with large count - focaccia-qemu - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Basil Salman <basil@daynix.com>	2020-03-11 19:04:17 +0200
committer	Michael Roth <mdroth@linux.vnet.ibm.com>	2020-03-24 11:32:19 -0500
commit	807e2b6fce022707418bc8f61c069d91c613b3d2 (patch)
tree	057da64c228ebf2d71e0b1201d6a6c778e50c408 /qga/commands.c
parent	b2413df83348acf371c03bced9a3845bba883ed5 (diff)
download	focaccia-qemu-807e2b6fce022707418bc8f61c069d91c613b3d2.tar.gz focaccia-qemu-807e2b6fce022707418bc8f61c069d91c613b3d2.zip

qga-win: prevent crash when executing guest-file-read with large count

guest-file-read command is currently implemented to read from a
file handle count number of bytes. when executed with a very large count number
qemu-ga crashes.
after some digging turns out that qemu-ga crashes after trying to allocate
a buffer large enough to save the data read in it, the buffer was allocated using
g_malloc0 which is not fail safe, and results a crash in case of failure.
g_malloc0 was replaced with g_try_malloc0() which returns NULL on failure,
A check was added for that case in order to prevent qemu-ga from crashing
and to send a response to the qemu-ga client accordingly.

Buglink: https://bugzilla.redhat.com/show_bug.cgi?id=1594054

Signed-off-by: Basil Salman <basil@daynix.com>
Reported-by: Fakhri Zulkifli <mohdfakhrizulkifli@gmail.com>
Cc: qemu-stable@nongnu.org
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

Diffstat (limited to 'qga/commands.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: