[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH 2/3] vhost: fix mem_sections memory corruption
From: |
Michael S. Tsirkin |
Subject: |
Re: [Qemu-devel] [PATCH 2/3] vhost: fix mem_sections memory corruption |
Date: |
Mon, 9 Jan 2012 15:28:27 +0200 |
User-agent: |
Mutt/1.5.21 (2010-09-15) |
On Mon, Jan 09, 2012 at 02:04:53PM +0200, Avi Kivity wrote:
> A memset() used to delete an entry in an array did not take into account
> the array element's size.
>
> Signed-off-by: Avi Kivity <address@hidden>
Acked-by: Michael S. Tsirkin <address@hidden>
> ---
> hw/vhost.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/hw/vhost.c b/hw/vhost.c
> index 541c716..d924fb0 100644
> --- a/hw/vhost.c
> +++ b/hw/vhost.c
> @@ -456,7 +456,7 @@ static void vhost_region_del(MemoryListener *listener,
> == section->offset_within_address_space) {
> --dev->n_mem_sections;
> memmove(&dev->mem_sections[i], &dev->mem_sections[i+1],
> - dev->n_mem_sections - i);
> + (dev->n_mem_sections - i) * sizeof(*dev->mem_sections));
> break;
> }
> }
> --
> 1.7.7.1
>