From: Prasad J Pandit <pjp@fedoraproject.org>
Hello,
While reassembling incoming fragmented datagrams, 'm_cat' routine
extends the 'mbuf' buffer if it has insufficient room. It computes
a wrong buffer size, which leads to overwriting adjacent heap buffer
area.
This patch set fixes this issue and formats m_cat() routine as per coding
style guide.
Update v1: fixed indentation
https://lists.gnu.org/archive/html/qemu-devel/2018-06/msg01121.html
Thank you.
--
Prasad J Pandit (2):
slirp: correct size computation while concatenating mbuf
slirp: reformat m_cat routine
slirp/mbuf.c | 41 +++++++++++++++++++----------------------
1 file changed, 19 insertions(+), 22 deletions(-)
--
2.17.1