Fakhri Zulkifli reported BZ#1594054
https://bugzilla.redhat.com/show_bug.cgi?id=1594054

Dietmar Maurer noticed the fix from 807e2b6fce0 doesn't help
as error_setg() also calls malloc().

Daniel Berrangé suggested a clever fix: restrict the
guest-agent command size to avoid heap mayhem.

v1: https://www.mail-archive.com/qemu-devel@nongnu.org/msg691773.html

Philippe Mathieu-Daudé (4):
  Revert "prevent crash when executing guest-file-read with large count"
  qga: Extract guest_file_handle_find() to commands-common.h
  qga: Extract qmp_guest_file_read() to common commands.c
  qga: Restrict guest-file-read count to 10 MB to avoid crashes

qga/qapi-schema.json | 6 ++++--
qga/commands-common.h | 21 +++++++++++++++++++++
qga/commands-posix.c | 29 +++++++----------------------
qga/commands-win32.c | 35 ++++++++---------------------------
qga/commands.c | 29 +++++++++++++++++++++++++++++
5 files changed, 69 insertions(+), 51 deletions(-)
create mode 100644 qga/commands-common.h
--
2.21.1