|
From: | Jason Wang |
Subject: | Re: [Qemu-devel] [PATCH V3 for 3.1 0/4] Fix possible OOB during queuing packets |
Date: | Mon, 3 Dec 2018 17:47:47 +0800 |
User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1 |
On 2018/12/3 下午5:35, Jason Wang wrote:
Hi: This series tries to fix a possible OOB during queueing packets through qemu_net_queue_append_iov(). This could happen when it tries to queue a packet whose size is larger than INT_MAX which may lead integer overflow. We've fixed similar issue in the past during qemu_net_queue_deliver_iov() by ignoring large packets there. Let's just move the check earlier to qemu_sendv_packet_async() and reduce the limitation to NET_BUFSIZE. A simple qtest were also added this. Please review. Thanks
Wrong version, please ignore this. Thanks
[Prev in Thread] | Current Thread | [Next in Thread] |