On Tue, Jul 17, 2012 at 04:18:00PM +0200, Marc-André Lureau wrote: > On Tue, Jul 17, 2012 at 4:06 PM, Christophe Fergeau <[email protected]> > wrote: > > Oh, I was mostly thinking of checking max_monitors for an arbitrary max > > value (4, 16 or 256) to avoid allocating arbitrary amount of memory by > > trusting a network value. > > There is no arbitrary value that would be really appropriate. > > Furthermore, as I tried to say, there are many places where we trust > server values. For instance size of a message. It doesn't really makes > sense to check only this value here.
Yeah I know there are many worrying places, for new code and new protocol additions, it would be nice to start thinking about this... I'm not seeing this as a blocking issue, but this is getting more and more scary nonetheless... Christophe
pgpfJ29SVuw4F.pgp
Description: PGP signature
_______________________________________________ virt-tools-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/virt-tools-list
