virtio-serial: fix heap-over-flow - bwlp/qemu.git - Experimental fork of QEMU with video encoding patches

diff options

author	linzhecheng	2018-03-28 15:34:35 +0200
committer	Michael S. Tsirkin	2018-04-09 16:35:46 +0200
commit	d434e5ac5d70e9da7d20e50246af9251a125bdad (patch)
tree	52220b1e922e7b615d38b109f820025275c1ec06 /include/exec/user
parent	vhost: Allow adjoining regions (diff)
download	qemu-d434e5ac5d70e9da7d20e50246af9251a125bdad.tar.gz qemu-d434e5ac5d70e9da7d20e50246af9251a125bdad.tar.xz qemu-d434e5ac5d70e9da7d20e50246af9251a125bdad.zip

virtio-serial: fix heap-over-flow

Check device having the feature of VIRTIO_CONSOLE_F_EMERG_WRITE before get config->emerg_wr. It is neccessary because sizeof(virtio_console_config) is 8 byte if VirtIOSerial doesn't have the feature of VIRTIO_CONSOLE_F_EMERG_WRITE(see virtio_serial_device_realize), read/write emerg_wr will lead to heap-over-flow. Signed-off-by: linzhecheng <linzhecheng@huawei.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com>

Diffstat (limited to 'include/exec/user')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: