kvm-83-164.el5_5.9.src.rpm

From 350da942872049d732b6310b56ae9e9f507c85e9 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Tue, 23 Feb 2010 09:48:00 -0300
Subject: [PATCH] qemu-img: Fix segfault during rebase

RH-Author: Kevin Wolf <kwolf@redhat.com>
Message-id: <1266918480-7652-1-git-send-email-kwolf@redhat.com>
Patchwork-id: 7227
O-Subject: [RHEL-5.5 KVM PATCH] qemu-img: Fix segfault during rebase
Bugzilla: 563141
RH-Acked-by: Juan Quintela <quintela@redhat.com>
RH-Acked-by: Amit Shah <amit.shah@redhat.com>
RH-Acked-by: Christoph Hellwig <chellwig@redhat.com>
RH-Acked-by: Gleb Natapov <gleb@redhat.com>

Bugzilla: 563141
Upstream commit: 60b1bd4fc5b2f5046b7b64fa5ce9c2930d482eac

This fixes a possible read beyond the end of the temporary buffers used for
comparing data in the old and the new backing file.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
---
 qemu/qemu-img.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

Signed-off-by: Glauber Costa <glommer@redhat.com>
---
 qemu/qemu-img.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/qemu/qemu-img.c b/qemu/qemu-img.c
index d657f5d..6c2685a 100644
--- a/qemu/qemu-img.c
+++ b/qemu/qemu-img.c
@@ -1128,7 +1128,7 @@ static int img_rebase(int argc, char **argv)
                 int pnum;
 
                 if (compare_sectors(buf_old + written * 512,
-                    buf_new + written * 512, n, &pnum))
+                    buf_new + written * 512, n - written, &pnum))
                 {
                     ret = bdrv_write(bs, sector + written,
                         buf_old + written * 512, pnum);
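Review bot: the new `n - written` count on the compare_sectors() call has no comment tying it to the `+ written * 512` offsets applied to both buffer arguments, and that pairing is exactly what the removed line got wrong (offset advanced, count left at `n`). Suggest a one-line comment above the call stating that only `n - written` sectors remain past the offset, or computing the remaining count once into a local and using it here, so offset and length cannot drift apart in a later edit. The literal 512 appears three times in these lines; a named sector-size constant, if this file already has one, would make the byte-versus-sector arithmetic easier to audit. The context lines also assign the bdrv_write() result to `ret` without a check being visible in this hunk, so it is worth confirming the surrounding code handles a failed write.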
-- 
1.6.6