[Qemu-devel] [PATCH] Fix crash due to faulty realloc logic in slirp/mbuf

From: Ed Swierk
Subject: [Qemu-devel] [PATCH] Fix crash due to faulty realloc logic in slirp/mbuf.c
Date: Sun, 30 Apr 2006 19:48:34 -0700

The attached patch fixes a bug in the slirp memory management code.
m_inc() is called during IP reassembly for IP datagrams greater than 4
KB, as arises with NFS. Currently the code assumes that realloc()
always resizes the buffer without moving it; if the buffer is moved,
the m_data pointer is left pointing to an invalid location. The bug
causes qemu to crash when there is any significant amount of NFS

The patch restores some commented-out code that updates m_data correctly.


Attachment: qemu-slirp-mbuf-bug.patch
Description: Text Data
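
The pitfall described in the message above, shown as an added example that is not part of the original post or the attached patch. It uses a simplified, hypothetical `struct buf` (not slirp's `struct mbuf`; all names are assumptions) whose interior `data` pointer goes stale when `realloc()` moves the block, next to a version that records the offset first and rebases the pointer afterwards.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical simplified buffer; NOT slirp's struct mbuf. */
struct buf {
    char  *base;  /* start of the heap block */
    char  *data;  /* start of valid bytes, somewhere inside the block */
    size_t size;  /* bytes allocated at base */
    size_t len;   /* valid bytes starting at data */
};

/* Allocate `size` bytes and place `payload` after `headroom` spare bytes. */
int buf_init(struct buf *b, size_t size, size_t headroom,
             const void *payload, size_t len)
{
    if (headroom > size || len > size - headroom) return -1;
    b->base = malloc(size);
    if (!b->base) return -1;
    b->data = b->base + headroom;
    b->size = size;
    b->len  = len;
    memcpy(b->data, payload, len);
    return 0;
}

/* BUGGY pattern described in the message: assumes realloc() resizes in
 * place. If the block moves, b->data still points into freed memory. */
int buf_grow_buggy(struct buf *b, size_t new_size)
{
    char *p = realloc(b->base, new_size);
    if (!p) return -1;
    b->base = p;
    b->size = new_size;
    return 0;
}

/* Corrected pattern: record the offset first, then rebase the pointer. */
int buf_grow(struct buf *b, size_t new_size)
{
    size_t off = (size_t)(b->data - b->base);   /* taken before realloc */
    if (new_size < b->size) return -1;          /* grow only */
    char *p = realloc(b->base, new_size);
    if (!p) return -1;                          /* old block still valid */
    b->base = p;
    b->data = p + off;                          /* follow the block */
    b->size = new_size;
    return 0;
}
```

Building with AddressSanitizer (`-fsanitize=address`) and reading through `data` after `buf_grow_buggy()` reports a heap-use-after-free whenever the allocator relocates the block.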
