]> git.ipfire.org Git - thirdparty/qemu.git/commit
projects / thirdparty / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 15905fd) | patch
ivshmem: Fix potential OOB r/w access
authorSebastian Krahmer <krahmer@suse.de>
Mon, 15 Sep 2014 16:40:07 +0000 (18:40 +0200)
committerMichael Roth <mdroth@linux.vnet.ibm.com>
Tue, 6 Jan 2015 21:43:42 +0000 (15:43 -0600)
commita95569d24f2462e1795a85aca17185ecd8856fc3
tree7f3c8ed064c73a41f3c63aa66ea22702dd381ef7tree
parent15905fde7bd40bc15173e77661981d462e6ca62bcommit | diff
ivshmem: Fix potential OOB r/w access

Fix OOB access via malformed incoming_posn parameters
and check that requested memory is actually alloc'ed.

Signed-off-by: Sebastian Krahmer <krahmer@suse.de>
[AF: Rebased, cleanups, avoid fd leak]
Cc: qemu-stable@nongnu.org
Signed-off-by: Andreas Färber <afaerber@suse.de>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit 34bc07c5282a631c2663ae1ded0a186f46f64612)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
hw/misc/ivshmem.c diff | blob | blame | history
Mirror of https://git.qemu.org/git/qemu.git