[libvirt] Fix potential overflow in boot menu code

Daniel P. Berrange berrange at fedoraproject.org
Mon Aug 23 20:14:42 UTC 2010 

commit 03369d23832480b545fa04136415f235a59bd808
Author: Daniel P. Berrange <berrange at redhat.com>
Date:   Mon Aug 23 21:14:34 2010 +0100

    Fix potential overflow in boot menu code

 libvirt-0.8.3-boot-menu.patch |   12 ++++++++++++
 libvirt.spec                  |    7 ++++++-
 2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/libvirt-0.8.3-boot-menu.patch b/libvirt-0.8.3-boot-menu.patch
new file mode 100644
index 0000000..289efd6
--- /dev/null
+++ b/libvirt-0.8.3-boot-menu.patch
@@ -0,0 +1,12 @@
+diff -rup libvirt-0.8.3.orig/src/qemu/qemu_conf.c libvirt-0.8.3.new/src/qemu/qemu_conf.c
+--- libvirt-0.8.3.orig/src/qemu/qemu_conf.c	2010-08-04 13:21:27.000000000 +0100
++++ libvirt-0.8.3.new/src/qemu/qemu_conf.c	2010-08-23 21:08:13.239794362 +0100
+@@ -3651,7 +3651,7 @@ int qemudBuildCommandLine(virConnectPtr 
+ {
+     int i;
+     char memory[50];
+-    char boot[VIR_DOMAIN_BOOT_LAST];
++    char boot[VIR_DOMAIN_BOOT_LAST+1];
+     struct utsname ut;
+     int disableKQEMU = 0;
+     int disableKVM = 0;
diff --git a/libvirt.spec b/libvirt.spec
index 4634e34..3c13ea2 100644
--- a/libvirt.spec
+++ b/libvirt.spec
@@ -185,10 +185,11 @@
 Summary: Library providing a simple API virtualization
 Name: libvirt
 Version: 0.8.3
-Release: 1%{?dist}%{?extra_release}
+Release: 2%{?dist}%{?extra_release}
 License: LGPLv2+
 Group: Development/Libraries
 Source: http://libvirt.org/sources/libvirt-%{version}.tar.gz
+Patch1: %{name}-%{version}-boot-menu.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
 URL: http://libvirt.org/
 BuildRequires: python-devel
@@ -424,6 +425,7 @@ of recent versions of Linux (and other OSes).
 
 %prep
 %setup -q
+%patch1 -p1
 
 %build
 %if ! %{with_xen}
@@ -914,6 +916,9 @@ fi
 %endif
 
 %changelog
+* Mon Aug 23 2010 Daniel P. Berrange <berrange at redhat.com> - 0.8.3-2
+- Fix potential overflow in boot menu code
+
 * Mon Aug 23 2010 Daniel P. Berrange <berrange at redhat.com> - 0.8.3-1
 - Upstream release 0.8.3

More information about the scm-commits mailing list