Re: [Qemu-devel] [PATCH v4 24/30] usb: sanity check setup_index+setup_le
From: Gerd Hoffmann
Subject: Re: [Qemu-devel] [PATCH v4 24/30] usb: sanity check setup_index+setup_len in post_load
Date: Tue, 01 Apr 2014 08:23:01 +0200
> > + if (dev->setup_index >= sizeof(dev->data_buf) ||
> > + dev->setup_len >= sizeof(dev->data_buf)) {
> > + return -EINVAL;
> > + }
> > return 0;
> > }
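Review bot: The added `if` bounds `setup_index` and `setup_len` only from above, and a negative value is rejected only as a side effect of the signed-to-`size_t` conversion in the comparison with `sizeof(dev->data_buf)`. If the fields are signed, as the reply below says, add explicit `dev->setup_index < 0 || dev->setup_len < 0` terms so that rejecting negative values loaded from the migration stream is visible in the code and does not depend on the integer conversion rules. The two fields are also checked independently of each other; if the code that consumes them after load assumes a relation between index and length, that condition belongs in this check as well.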
>
> (2) Shouldn't we be checking for setup_index and setup_len
> being negative as well?
Oops, they are signed, so yes, I guess we should. Or we can just make
them unsigned, they should never ever be negative. But I'm not fully
sure we can do that without breaking migration ...
cheers,
Gerd