[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 06/13] util/iov: Avoid dynamic stack allocation
From: |
Eric Blake |
Subject: |
[PULL 06/13] util/iov: Avoid dynamic stack allocation |
Date: |
Thu, 7 Sep 2023 20:35:42 -0500 |
From: Philippe Mathieu-Daudé <philmd@redhat.com>
Use autofree heap allocation instead of variable-length array on the
stack.
The codebase has very few VLAs, and if we can get rid of them all we
can make the compiler error on new additions. This is a defensive
measure against security bugs where an on-stack dynamic allocation
isn't correctly size-checked (e.g. CVE-2021-3527).
Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20230824164706.2652277-1-peter.maydell@linaro.org>
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Eric Blake <eblake@redhat.com>
---
util/iov.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/util/iov.c b/util/iov.c
index 866fb577f30..7e73948f5e3 100644
--- a/util/iov.c
+++ b/util/iov.c
@@ -571,7 +571,7 @@ static int sortelem_cmp_src_index(const void *a, const void
*b)
*/
void qemu_iovec_clone(QEMUIOVector *dest, const QEMUIOVector *src, void *buf)
{
- IOVectorSortElem sortelems[src->niov];
+ g_autofree IOVectorSortElem *sortelems = g_new(IOVectorSortElem,
src->niov);
void *last_end;
int i;
--
2.41.0
- [PULL 00/13] NBD patches through 2023-09-07, Eric Blake, 2023/09/07
- [PULL 01/13] qemu-iotests/197: use more generic commands for formats other than qcow2, Eric Blake, 2023/09/07
- [PULL 02/13] nbd: drop unused nbd_receive_negotiate() aio_context argument, Eric Blake, 2023/09/07
- [PULL 04/13] io: check there are no qio_channel_yield() coroutines during ->finalize(), Eric Blake, 2023/09/07
- [PULL 03/13] nbd: drop unused nbd_start_negotiate() aio_context argument, Eric Blake, 2023/09/07
- [PULL 07/13] qemu-nbd: improve error message for dup2 error, Eric Blake, 2023/09/07
- [PULL 05/13] io: follow coroutine AioContext in qio_channel_yield(), Eric Blake, 2023/09/07
- [PULL 06/13] util/iov: Avoid dynamic stack allocation,
Eric Blake <=
- [PULL 08/13] qemu-nbd: define struct NbdClientOpts when HAVE_NBD_DEVICE is not defined, Eric Blake, 2023/09/07
- [PULL 09/13] qemu-nbd: move srcpath into struct NbdClientOpts, Eric Blake, 2023/09/07
- [PULL 10/13] qemu-nbd: put saddr into into struct NbdClientOpts, Eric Blake, 2023/09/07
- [PULL 11/13] qemu-nbd: invent nbd_client_release_pipe() helper, Eric Blake, 2023/09/07
- [PULL 13/13] qemu-nbd: document -v behavior in respect to --fork in man, Eric Blake, 2023/09/07
- [PULL 12/13] qemu-nbd: Restore "qemu-nbd -v --fork" output, Eric Blake, 2023/09/07