On Wed, Nov 4, 2020 at 21:29 Eduardo Habkost <ehabk...@redhat.com> wrote:
> On Sat, Oct 31, 2020 at 09:51:38PM +0530, Ani Sinha wrote: > > On Thu, Oct 15, 2020 at 10:22 PM Eduardo Habkost <ehabk...@redhat.com> > wrote: > > > > > > On Mon, Sep 21, 2020 at 03:03:25PM +0530, Ani Sinha wrote: > > > > Object property insertion code iterates over an integer to get an > unused > > > > index that can be used as an unique name for an object property. > This loop > > > > increments the integer value indefinitely. Although very unlikely, > this can > > > > still cause an integer overflow. > > > > In this change, we fix the above code by checking against INT16_MAX > and making > > > > sure that the interger index does not overflow beyond that value. If > no > > > > available index is found, the code would cause an assertion failure. > This > > > > assertion failure is necessary because the callers of the function > do not check > > > > the return value for NULL. > > > > > > > > Signed-off-by: Ani Sinha <a...@anisinha.ca> > > > > Reviewed-by: Daniel P. Berrangé <berra...@redhat.com> > > > > > > Queued on machine-next, thanks! My apologies for the delay. > > > > Any idea when this will be pulled? > > I was planning to send a pull request before soft freeze, > (October 27) but this was the only patch in the queue at that > moment, so I decided to wait. > > As we're beyond freeze now, the pull request will be sent > immediately after 5.2.0 is released. Gentle reminder since 5.2.0 has now been released. > >
