From ecb5cf7cb25d176863c1e426ec5cff1caf31f2cb Mon Sep 17 00:00:00 2001
From: Laine Stump
Date: Mon, 8 Mar 2010 15:01:52 +0100
Subject: [PATCH] Eliminate large stack buffer in doTunnelSendAll
doTunnelSendAll function (used by QEMU migration) uses a 64k buffer on the stack, which could be problematic. This patch replaces that with a buffer from the heap. While in the neighborhood, this patch also improves error reporting in the case that saferead fails - previously, virStreamAbort() was called (resetting errno) before reporting the error. It's been changed to report the error first. * src/qemu/qemu_driver.c: fix doTunnelSendAll() to use a malloc'ed buffer
---
 src/qemu/qemu_driver.c | 18 +++++++++++++++---
 1 file changed, 15 insertions(+), 3 deletions(-)
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 79899e5b4e..02068c46ed 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -8654,19 +8654,28 @@ cleanup:
 }
+#define TUNNEL_SEND_BUF_SIZE 65536
+
 static int doTunnelSendAll(virStreamPtr st,
 int sock) {
- char buffer[65536];
- int nbytes = sizeof(buffer);
+ char *buffer;
+ int nbytes = TUNNEL_SEND_BUF_SIZE;
+
+ if (VIR_ALLOC_N(buffer, TUNNEL_SEND_BUF_SIZE) < 0) {
+ virReportOOMError();
+ virStreamAbort(st);
+ return -1;
+ }
 /* XXX should honour the 'resource' parameter here */
 for (;;) {
 nbytes = saferead(sock, buffer, nbytes);
 if (nbytes < 0) {
- virStreamAbort(st);
 virReportSystemError(errno, "%s", _("tunnelled migration failed to read from qemu"));
+ virStreamAbort(st);
+ VIR_FREE(buffer);
 return -1;
 } else if (nbytes == 0)
@@ -8676,10 +8685,13 @@ static int doTunnelSendAll(virStreamPtr st,
 if (virStreamSend(st, buffer, nbytes) < 0) {
 qemuReportError(VIR_ERR_OPERATION_FAILED, "%s", _("Failed to write migration data to remote libvirtd"));
+ VIR_FREE(buffer);
 return -1;
 }
 }
+ VIR_FREE(buffer);
+
 if (virStreamFinish(st) < 0) /* virStreamFinish set the error for us */ return -1;
-- GitLab
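Review bot: In the first hunk the loop still passes the previous return value as the read length, `nbytes = saferead(sock, buffer, nbytes);`, so the size requested on each pass depends on how much the last read returned rather than on the buffer size. If saferead can ever return a short count before end of stream (its definition is not on this page), every later read is capped at that shorter length. Now that the size has a name, the call can ask for the full buffer each time: `nbytes = saferead(sock, buffer, TUNNEL_SEND_BUF_SIZE);`. The body of doTunnelSendAll continues past the end of this hunk.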
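Review bot: In the second hunk the virStreamSend failure path frees the buffer and returns without calling virStreamAbort(st), while the allocation-failure and read-failure paths in the first hunk both abort the stream. The patch does not say whether a failed send already leaves the stream in a state that needs no abort, so this may be intentional. Either add `virStreamAbort(st);` before `VIR_FREE(buffer);` on that path, or add a short comment there saying why no abort is needed after a failed send. The function starts before this hunk and continues after it.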