X-Git-Url: http://v3vee.org/palacios/gitweb/gitweb.cgi?a=blobdiff_plain;f=linux_module%2Fiface-keyed-stream.c;h=99524e1b459e5eee235c752b982d53a71bc48ebd;hb=495d40c7d02054399e118be6a10b0096c938d232;hp=a6fb960a93ba92daaf456ad8215eebd084ac0788;hpb=88a3605446744969abe6f193a7bc20e62d5aa555;p=palacios.git
diff --git a/linux_module/iface-keyed-stream.c b/linux_module/iface-keyed-stream.c
index a6fb960..99524e1 100644
--- a/linux_module/iface-keyed-stream.c
+++ b/linux_module/iface-keyed-stream.c
@@ -1853,6 +1853,7 @@ static long keyed_stream_ioctl_user(struct file * filp, unsigned int ioctl, unsi
 return -EFAULT;
 }
+ // overflow possible here for very large request
 if (resize_op(&(s->op),size-sizeof(struct palacios_user_keyed_stream_op))) {
 ERROR("unable to resize op in user key push response\n");
 palacios_spinlock_unlock_irqrestore(&(s->lock), flags);
@@ -1934,6 +1935,7 @@ int keyed_stream_connect_user(struct v3_guest *guest, unsigned int cmd, unsigned
 return -1;
 }
+ // overflow possible here, but only if this is a huge guest request (>4GB)
 url = palacios_alloc(len);
 if (!url) {
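Review bot: The comment added above the `resize_op` call names a hazard without bounding it, and the argument `size-sizeof(struct palacios_user_keyed_stream_op)` can also wrap when `size` is smaller than the struct, because `sizeof` makes the subtraction unsigned. Unless `size` is range-checked earlier in `keyed_stream_ioctl_user` (the function starts and ends outside this hunk), a guard before the call would turn the comment into an enforced limit: `if (size < sizeof(struct palacios_user_keyed_stream_op)) { palacios_spinlock_unlock_irqrestore(&(s->lock), flags); return -EINVAL; }`, together with an upper cap on `size` chosen by the project. The unlock is included because the failure path right below releases `s->lock`, which suggests the lock is held at this point. The comment itself should say which quantity overflows and what the accepted maximum is.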
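Review bot: The comment above `url = palacios_alloc(len);` records that a request over 4GB overflows but leaves the allocation unguarded, and `len` appears to be caller-supplied (its origin is outside this hunk, as is the rest of `keyed_stream_connect_user`). If the allocator's size parameter is narrower than `len`, the buffer would be shorter than the length used by whatever later fills `url`, which is an out-of-bounds write rather than a benign failure. Rejecting oversized values before the call removes the case: `if (len > MAX_URL_LEN /* placeholder: project-chosen cap */) { return -1; }`. The `!url` check that follows only catches allocation failure, not a truncated size.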