mirrors/qemu
0
0
Fork 0
mirror of https://github.com/qemu/qemu.git synced 2024-11-27 22:03:35 +08:00
Code Issues Packages Projects Releases Wiki Activity

vhost: fix mem_sections memory corruption

Browse Source 
A memset() used to delete an entry in an array did not take into account
the array element's size.

Signed-off-by: Avi Kivity <avi@redhat.com>
Acked-by: Michael S. Tsirkin <mst@redhat.com>
This commit is contained in:
Avi Kivity 2012-01-09 13:59:50 +02:00
parent d743c38286
commit 637f7a6a01
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
hw/vhost.c
View File

@ -456,7 +456,7 @@ static void vhost_region_del(MemoryListener *listener,
== section->offset_within_address_space) {
--dev->n_mem_sections;
memmove(&dev->mem_sections[i], &dev->mem_sections[i+1],
dev->n_mem_sections - i);
(dev->n_mem_sections - i) * sizeof(*dev->mem_sections));
break;
}
}