On 07/08/2014 07:14 AM, Kevin Wolf wrote: > If a QED image has a shorter backing file and a read request to > unallocated clusters goes across EOF of the backing file, the backing > file sees a shortened request and the rest is filled with zeros. > However, the original too long qiov was used with the shortened request. > > This patch makes the qiov size match the request size, avoiding a > potential buffer overflow in raw-posix. > > Signed-off-by: Kevin Wolf <kw...@redhat.com> > --- > block/qed.c | 38 ++++++++++++++++++++++++++++++-------- > block/qed.h | 1 + > 2 files changed, 31 insertions(+), 8 deletions(-) >
Reviewed-by: Eric Blake <ebl...@redhat.com> -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
