From 68ee703bfefd5f0efd6609aa0747f62ca3c391f3 Mon Sep 17 00:00:00 2001
From: Peter Krempa <pkrempa@redhat.com>
Date: Fri, 18 Dec 2015 16:55:01 +0100
Subject: [PATCH] vz: Fix invalid iteration of def->cputune.vcpupin

The array doesn't necessarily have the same cardinality as the count of
vCPUs for a domain. Iterating it can cause access beyond the end of the
array.
---
 src/vz/vz_sdk.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/vz/vz_sdk.c b/src/vz/vz_sdk.c
index b78c413877..d610979422 100644
--- a/src/vz/vz_sdk.c
+++ b/src/vz/vz_sdk.c
@@ -1958,7 +1958,7 @@ prlsdkCheckUnsupportedParams(PRL_HANDLE sdkdom, virDomainDefPtr def)
     }
 
     if (def->cputune.vcpupin) {
-        for (i = 0; i < virDomainDefGetVcpus(def); i++) {
+        for (i = 0; i < def->cputune.nvcpupin; i++) {
             if (!virBitmapEqual(def->cpumask,
                                 def->cputune.vcpupin[i]->cpumask)) {
                 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,