diff options
| author | Shmulik Ladkani | 2016-08-02 11:41:20 +0200 |
|---|---|---|
| committer | Paolo Bonzini | 2016-08-03 18:44:57 +0200 |
| commit | e911765cbb9e9ddf5d952c88bb52180a62c6cea0 (patch) | |
| tree | 6036cab11ada53a9aee71a0368b3487e09d1305e /exec.c | |
| parent | qdev: Fix use after free in qdev_init_nofail error path (diff) | |
| download | qemu-e911765cbb9e9ddf5d952c88bb52180a62c6cea0.tar.gz qemu-e911765cbb9e9ddf5d952c88bb52180a62c6cea0.tar.xz qemu-e911765cbb9e9ddf5d952c88bb52180a62c6cea0.zip | |
util: Fix assertion in iov_copy() upon zero 'bytes' and non-zero 'offset'
In cases where iov_copy() is passed with zero 'bytes' argument and a
non-zero 'offset' argument, nothing gets copied - as expected.
However no copy iterations are performed, so 'offset' is left
unaltered, leading to the final assert(offset == 0) to fail.
Instead, change the loop condition to continue as long as 'offset || bytes',
similar to other iov_* functions.
This ensures 'offset' gets zeroed (even if no actual copy is made),
unless it is beyond end of source iov - which is asserted.
Signed-off-by: Shmulik Ladkani <shmulik.ladkani@ravellosystems.com>
Message-Id: <1470130880-1050-1-git-send-email-shmulik.ladkani@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Diffstat (limited to 'exec.c')
0 files changed, 0 insertions, 0 deletions