X-Git-Url: http://git.annexia.org/?p=libguestfs.git;a=blobdiff_plain;f=daemon%2Finitrd.c;h=932564b80620cf151961f12a0c7d7fe61713b826;hp=5e73d40b641cb8b20156644d7ed10d7f0a55169b;hb=aee7d55fcf754d97d945c318ec06d6387ade067b;hpb=e4fbe3e2cd130fa0b1b21a105729cd6ef32aac38

diff --git a/daemon/initrd.c b/daemon/initrd.c
index 5e73d40..932564b 100644
--- a/daemon/initrd.c
+++ b/daemon/initrd.c
@@ -142,25 +142,24 @@ do_initrd_cat (const char *path, const char *filename, size_t *size_r)
     goto cleanup;
   }
 
-  *size_r = statbuf.st_size;
   /* The actual limit on messages is smaller than this.  This
    * check just limits the amount of memory we'll try and allocate
    * here.  If the message is larger than the real limit, that will
    * be caught later when we try to serialize the message.
    */
-  if (*size_r >= GUESTFS_MESSAGE_MAX) {
-    reply_with_error ("initrd_cat: %s:%s: file is too large for the protocol",
+  if (statbuf.st_size >= GUESTFS_MESSAGE_MAX) {
+    reply_with_error ("%s:%s: file is too large for the protocol",
                       path, filename);
     goto cleanup;
   }
 
-  ret = malloc (*size_r);
+  ret = malloc (statbuf.st_size);
   if (ret == NULL) {
     reply_with_perror ("malloc");
     goto cleanup;
   }
 
-  if (xread (fd, ret, *size_r) == -1) {
+  if (xread (fd, ret, statbuf.st_size) == -1) {
     reply_with_perror ("read: %s:%s", path, filename);
     free (ret);
     ret = NULL;
@@ -175,6 +174,11 @@ do_initrd_cat (const char *path, const char *filename, size_t *size_r)
   }
   fd = -1;
 
+  /* Mustn't touch *size_r until we are sure that we won't return any
+   * error (RHBZ#589039).
+   */
+  *size_r = statbuf.st_size;
+
  cleanup:
   if (fd >= 0)
     close (fd);