[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [Patch v2 3/4] tools/xenstored: Avoid buffer overflows while setting up sockets [and 1 more messages]



On 13/12/2013 18:28, Ian Jackson wrote:
> Andrew Cooper writes ("[Xen-devel] [Patch v2 3/4] tools/xenstored: Avoid 
> buffer overflows while setting up sockets"):
>> Coverity ID: 1055996 1056002
>>
>> Cache the xs_daemon_socket{,_ro}() strings to save pointlessly
>> re-snprintf()'ing the same path, and add explicit size checks against
>> addr.sun_path before strcpy()'ing into it.
>>
>> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
>> CC: Ian Campbell <Ian.Campbell@xxxxxxxxxx>
>> CC: Ian Jackson <Ian.Jackson@xxxxxxxxxxxxx>
>> CC: Matthew Daley <mattd@xxxxxxxxxxx>
> Acked-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
> Committed-by: Ian Jackson <ian.jackson@xxxxxxxxxxxxx>
>
> Andrew Cooper writes ("Re: [Xen-devel] [Patch v2 3/4] tools/xenstored: Avoid 
> buffer overflows while setting up sockets"):
>> Given the spirit today of missed pings on patches,
>>
>> Third time lucky?
> Sorry about that.  (Coverity is generating a lot of very similar
> patches; in this case I had confused this one in my mind with
> f220279c14 which you even mention in the commit message.)
>
> Thanks for chasing.
>
> Ian.

Yes - that is a sad fact of all of these similar patches.  Hopefully
they will start thinning out as we get on top of the issues.

I am tracking "what still hasn't been applied" by what `git rebase
staging` tells me has still is still outstanding.  Of course, being my
private working tree, it is not easily exportable information.

On that note, I have some more pings to go.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
http://lists.xen.org/xen-devel


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.