xen: fix ioreq handling - bwlp/qemu.git - Experimental fork of QEMU with video encoding patches

diff options

author	Jan Beulich	2016-11-22 13:56:51 +0100
committer	Stefano Stabellini	2016-11-22 19:29:22 +0100
commit	b85f9dfdb156ae2a2a52f39a36e9f1f270614cd2 (patch)
tree	0dcd01f21000195eda8004dd50cbc77dfa339d2d /hw/xen/xen_backend.c
parent	Fix FreeBSD (10.x) build after 7dc9ae43 (diff)
download	qemu-b85f9dfdb156ae2a2a52f39a36e9f1f270614cd2.tar.gz qemu-b85f9dfdb156ae2a2a52f39a36e9f1f270614cd2.tar.xz qemu-b85f9dfdb156ae2a2a52f39a36e9f1f270614cd2.zip

xen: fix ioreq handling

Avoid double fetches and bounds check size to avoid overflowing internal variables. This is CVE-2016-9381 / XSA-197. Reported-by: yanghongke <yanghongke@huawei.com> Signed-off-by: Jan Beulich <jbeulich@suse.com> Reviewed-by: Stefano Stabellini <sstabellini@kernel.org> Signed-off-by: Stefano Stabellini <sstabellini@kernel.org>

Diffstat (limited to 'hw/xen/xen_backend.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: