mirror of https://gitee.com/openkylin/qemu.git
9201bb9a8c
It is possible for the guest to set an invalid block size which is larger then the fifo_buffer[] array. This could cause a buffer overflow. To avoid this limit the maximum size of the blksize variable. Signed-off-by: Alistair Francis <alistair.francis@xilinx.com> Reported-by: Intel Security ATR <secure@intel.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com> Message-id: abe4c51f513290bbb85d1ee271cb1a3d463d7561.1444067470.git.alistair.francis@xilinx.com Suggested-by: Igor Mitsyanko <i.mitsyanko@gmail.com> Reported-by: Intel Security ATR <secure@intel.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com> |
||
---|---|---|
.. | ||
Makefile.objs | ||
milkymist-memcard.c | ||
omap_mmc.c | ||
pl181.c | ||
pxa2xx_mmci.c | ||
sd.c | ||
sdhci.c | ||
sdhci.h | ||
ssi-sd.c |