qemu-devel

Re: [Qemu-devel] [PATCH] fix :cirrus_vga fix OOB read case qemu Segmenta


From: Gerd Hoffmann
Subject: Re: [Qemu-devel] [PATCH] fix :cirrus_vga fix OOB read case qemu Segmentation fault
Date: Mon, 13 Mar 2017 14:55:07 +0100

> @@ -97,6 +97,11 @@ glue(glue(cirrus_bitblt_rop_fwd_transp_, 
> ROP_NAME),_8)(CirrusVGAState *s,
>      uint8_t p;
>      dstpitch -= bltwidth;
>      srcpitch -= bltwidth;
> +
> +    if (dstpitch < 0 || srcpitch < 0) {
> +        return;
> +    }
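
Review bot: The new `if (dstpitch < 0 || srcpitch < 0)` check has no comment, and because it sits after the two `-= bltwidth` lines it tests the per-row remainder (pitch minus blit width) rather than the pitch values themselves, which is easy to misread. A one-line comment above the check, saying that a negative remainder means the blit width exceeds the pitch and that the blit is dropped in that case, would document the intent. The bare `return;` also skips the operation silently, so the comment should say that this is deliberate.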

Shouldn't that be ...

    if (bltheight > 1 && (dstpitch < 0 || srcpitch < 0)) {


... matching the check of the non-transparent version a few lines up in
the same source file?

cheers,
  Gerd



