mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-11-08 07:56:16 -05:00
bde70caa06
* gnu/packages/qemu.scm (qemu)[source]: Add patches. * gnu/packages/patches/qemu-CVE-2016-8576.patch, gnu/packages/patches/qemu-CVE-2016-8577.patch, gnu/packages/patches/qemu-CVE-2016-8578.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them.
27 lines
955 B
Diff
27 lines
955 B
Diff
From: Li Qiang <liq3ea@gmail.com>
|
|
|
|
In 9pfs function v9fs_iov_vunmarshal, it will not allocate space
|
|
for empty string. This will cause several NULL pointer dereference
|
|
issues. this patch fix this issue.
|
|
|
|
Signed-off-by: Li Qiang <liq3ea@gmail.com>
|
|
---
|
|
fsdev/9p-iov-marshal.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/fsdev/9p-iov-marshal.c b/fsdev/9p-iov-marshal.c
|
|
index 663cad5..1d16f8d 100644
|
|
--- a/fsdev/9p-iov-marshal.c
|
|
+++ b/fsdev/9p-iov-marshal.c
|
|
@@ -125,7 +125,7 @@ ssize_t v9fs_iov_vunmarshal(struct iovec *out_sg, int out_num, size_t offset,
|
|
str->data = g_malloc(str->size + 1);
|
|
copied = v9fs_unpack(str->data, out_sg, out_num, offset,
|
|
str->size);
|
|
- if (copied > 0) {
|
|
+ if (copied >= 0) {
|
|
str->data[str->size] = 0;
|
|
} else {
|
|
v9fs_string_free(str);
|
|
--
|
|
1.8.3.1
|
|
|