Add bounds checking on virDomainMigrate*Params RPC calls (CVE-2013-4292) CVE-2013-4292
authorDaniel P. Berrange <berrange@redhat.com>
Mon, 19 Aug 2013 13:55:21 +0000 (14:55 +0100)
committerDaniel P. Berrange <berrange@redhat.com>
Thu, 29 Aug 2013 14:36:13 +0000 (15:36 +0100)
commitfd6f6a48619eb221afeb1c5965537534cd54e01d
treef3118c7cc48dfe4cad16d276be15ee93d80d2528
parentc26181495f3c98870d0794052246718f5d3d8dd6
Add bounds checking on virDomainMigrate*Params RPC calls (CVE-2013-4292)

The parameters for the virDomainMigrate*Params RPC calls were
not bounds checks, meaning a malicious client can cause libvirtd
to consume arbitrary memory

This issue was introduced in the 1.1.0 release of libvirt

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
daemon/remote.c
src/remote/remote_driver.c
src/remote/remote_protocol.x