Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR_TABLE

From:	Gerd Hoffmann
Subject:	Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR_TABLE array size
Date:	Wed, 21 Nov 2018 14:07:43 +0100
User-agent:	NeoMutt/20180716

On Wed, Nov 21, 2018 at 04:19:11PM +0530, P J P wrote:
>  Hello Gerd,
> 
> +-- On Mon, 12 Nov 2018, Gerd Hoffmann wrote --+
> | On Tue, Oct 30, 2018 at 09:23:40AM +0100, Gerd Hoffmann wrote:
> | > Fixes: CVE-2018-???
> | > Cc: P J P <address@hidden>
> | 
> | ping, do we have a cve number meanwhile?
> 
> No, the off-by-one does not seem to have an adverse effect. One byte past 
> AR_TABLE[75] array would likely read into DR_TABLE[75] array, which would 
> anyway be accessible to a driver. It does not seem to crash Qemu either. I 
> think it's more of a bug fix, than security fix. Hope that's okay.

Ok, makes sense, I'll drop the cve line then and queue the patch.

cheers,
  Gerd

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR_TABLE array size, Gerd Hoffmann, 2018/11/12
- Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR_TABLE array size, P J P, 2018/11/21
  - Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR_TABLE array size, Gerd Hoffmann <=
- Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR_TABLE array size, Thomas Huth, 2018/11/27

Prev by Date: [Qemu-devel] [PULL 2/2] migration/migration.c: Add COLO dependency checks
Next by Date: [Qemu-devel] [PATCH v2] qapi: add query-display-options command
Previous by thread: Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR_TABLE array size
Next by thread: Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR_TABLE array size
Index(es):
- Date
- Thread