On Thu, May 26, 2016 at 05:10:52PM +0100, Anthony PERARD wrote: > On Thu, May 26, 2016 at 04:21:56PM +0100, Wei Liu wrote: > > From: Ian Jackson <ian.jack...@eu.citrix.com> > > > > Each time round the main loop, we now fstat stderr. If it is too big, > > we dup2 /dev/null onto it. This is not a very pretty patch but it is > > very simple, easy to see that it's correct, and has a low risk of > > collateral damage. > > > > The limit is 1Mby by default but can be adjusted by setting a new > > environment variable. > > > > This fixes CVE-2014-3672. > > > > Signed-off-by: Ian Jackson <ian.jack...@eu.citrix.com> > > Tested-by: Ian Jackson <ian.jack...@eu.citrix.com> > > > > Set the default to 0 so that it won't affect non-xen installation. The > > limit will be set by Xen toolstack. > > > > Signed-off-by: Wei Liu <wei.l...@citrix.com> > > Beside the confusing commit message and the call in the WIN32 specific > mainloop, the patch look good. So, > > Acked-by: Anthony PERARD <anthony.per...@citrix.com>
I have ajusted the commit message with `s/The limit is 1Mby/There is no limit/` and going to push to staging. -- Anthony PERARD _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org http://lists.xen.org/xen-devel
