[Qemu-devel] [ Patch ] for CVE-2015-3242

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [ Patch ] for CVE-2015-3242

From:	罗大龙
Subject:	[Qemu-devel] [ Patch ] for CVE-2015-3242
Date:	Thu, 18 Jun 2015 10:40:33 +0800

/qemu-2.3.0/hw/arm/pxa2xx.c

--- pxa2xx.c.new    2015-06-15 17:40:59.285002592 +0800
+++ pxa2xx.c    2015-06-15 17:43:47.001002592 +0800
@@ -1986,6 +1986,10 @@

     s->rx_len = qemu_get_byte(f);
     s->rx_start = 0;
+   if (s->rx_len < 0 || s->rx_len > ARRAY_SIZE(s->rx_fifo)) {
+       return -EINVAL;
+   }
+
     for (i = 0; i < s->rx_len; i ++)
         s->rx_fifo[i] = qemu_get_byte(f);

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [ Patch ] for CVE-2015-3242, 罗大龙 <=
- Re: [Qemu-devel] [ Patch ] for CVE-2015-3242, Peter Maydell, 2015/06/18

Prev by Date: Re: [Qemu-devel] [PATCH v2 1/3] softmmu: add helper function to pass through retaddr
Next by Date: Re: [Qemu-devel] [Qemu-block] RFC cdrom in own thread?
Previous by thread: [Qemu-devel] [PATCH v2] macio: remove nonexistent interrupt on pin 1
Next by thread: Re: [Qemu-devel] [ Patch ] for CVE-2015-3242
Index(es):
- Date
- Thread