qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR_TABLE

From: Thomas Huth
Subject: Re: [Qemu-devel] [PATCH] fmops: fix off-by-one in AR_TABLE and DR_TABLE array size
Date: Tue, 27 Nov 2018 08:30:19 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 
On 2018-10-30 09:23, Gerd Hoffmann wrote:
> Fixes: CVE-2018-???
> Cc: P J P <address@hidden>
> Reported-by: Wangjunqing <address@hidden>
> Suggested-by: Paolo Bonzini <address@hidden>
> Signed-off-by: Gerd Hoffmann <address@hidden>
> ---
>  hw/audio/fmopl.h | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/hw/audio/fmopl.h b/hw/audio/fmopl.h
> index e7e578a48e..7199afaa3c 100644
> --- a/hw/audio/fmopl.h
> +++ b/hw/audio/fmopl.h
> @@ -72,8 +72,8 @@ typedef struct fm_opl_f {
>       /* Rhythm sention */
>       uint8_t rhythm;         /* Rhythm mode , key flag */
>       /* time tables */
> -     int32_t AR_TABLE[75];   /* atttack rate tables */
> -     int32_t DR_TABLE[75];   /* decay rate tables   */
> +     int32_t AR_TABLE[76];   /* atttack rate tables */
> +     int32_t DR_TABLE[76];   /* decay rate tables   */
>       uint32_t FN_TABLE[1024];  /* fnumber -> increment counter */
>       /* LFO */
>       int32_t *ams_table;
> 

CC to qemu-stable ?

 Thomas
reply via email to
[Prev in Thread] Current Thread [Next in Thread]