peter/qemu - QEMU hacking for Peter

diff options

author	hangaohuai <hangaohuai@huawei.com>	2017-03-14 14:39:19 +0800
committer	Michael Roth <mdroth@linux.vnet.ibm.com>	2017-03-21 15:03:08 -0500
commit	3328c14e63f08fb07e8c6dec779c9d365e9e9864 (patch)
tree	d2440e28ca89fc7b84b8dce66e7342e311b956e5 /blockjob.c
parent	a99fd943c4ee49cea7600f185a01ae0cfe1cc3e9 (diff)
download	qemu-3328c14e63f08fb07e8c6dec779c9d365e9e9864.tar.gz

fix :cirrus_vga fix OOB read case qemu Segmentation fault

check the validity of parameters in cirrus_bitblt_rop_fwd_transp_xxx and cirrus_bitblt_rop_fwd_xxx to avoid the OOB read which causes qemu Segmentation fault. After the fix, we will touch the assert in cirrus_invalidate_region: assert(off_cur_end >= off_cur); Signed-off-by: fangying <fangying1@huawei.com> Signed-off-by: hangaohuai <hangaohuai@huawei.com> Message-id: 20170314063919.16200-1-hangaohuai@huawei.com Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> (cherry picked from commit 215902d7b6fb50c6fc216fc74f770858278ed904) Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

Diffstat (limited to 'blockjob.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: