]> git.ipfire.org Git - thirdparty/qemu.git/commit
projects / thirdparty / qemu.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 52a0283) | patch
virtio-blk: fix out-of-bounds access to bitmap in notify_guest_bh
authorLi Hangjing <lihangjing@baidu.com>
Mon, 16 Dec 2019 02:30:50 +0000 (10:30 +0800)
committerMichael Roth <mdroth@linux.vnet.ibm.com>
Mon, 11 May 2020 20:25:04 +0000 (15:25 -0500)
commitdef30090ad7917c9a6c68065922759dd83900d6f
treee0ec6613a22f333ceae4c96703c334b316f1656btree
parent52a02834e0d54d59d9665e2d39c2259345df2335commit | diff
virtio-blk: fix out-of-bounds access to bitmap in notify_guest_bh

When the number of a virtio-blk device's virtqueues is larger than
BITS_PER_LONG, the out-of-bounds access to bitmap[ ] will occur.

Fixes: e21737ab15 ("virtio-blk: multiqueue batch notify")
Cc: qemu-stable@nongnu.org
Cc: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Li Hangjing <lihangjing@baidu.com>
Reviewed-by: Xie Yongji <xieyongji@baidu.com>
Reviewed-by: Chai Wen <chaiwen@baidu.com>
Message-id: 20191216023050.48620-1-lihangjing@baidu.com
Message-Id: <20191216023050.48620-1-lihangjing@baidu.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
(cherry picked from commit 725fe5d10dbd4259b1853b7d253cef83a3c0d22a)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
hw/block/dataplane/virtio-blk.c diff | blob | blame | history
Mirror of https://git.qemu.org/git/qemu.git