[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH] Out off array access in usb-net
From: |
Markus Armbruster |
Subject: |
Re: [Qemu-devel] [PATCH] Out off array access in usb-net |
Date: |
Tue, 09 Nov 2010 10:30:54 +0100 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/23.1 (gnu/linux) |
Gleb Natapov <address@hidden> writes:
> Properly check array bounds before accessing array element.
Impact?
Apply to stable as well?
> Signed-off-by: Gleb Natapov <address@hidden>
> diff --git a/hw/usb-net.c b/hw/usb-net.c
> index 70f9263..84e2d79 100644
> --- a/hw/usb-net.c
> +++ b/hw/usb-net.c
> @@ -1142,7 +1142,7 @@ static int usb_net_handle_control(USBDevice *dev, int
> request, int value,
> break;
>
> default:
> - if (usb_net_stringtable[value & 0xff]) {
> + if (ARRAY_SIZE(usb_net_stringtable) > (value & 0xff)) {
> ret = set_usb_string(data,
> usb_net_stringtable[value & 0xff]);
> break;
Makes sense.
Nitpick: LIMIT > INDEX looks unusual to me; INDEX < LIMIT is more
common.
- [Qemu-devel] [PATCH] Out off array access in usb-net, Gleb Natapov, 2010/11/09
- [Qemu-devel] Re: [PATCH] Out off array access in usb-net, Paolo Bonzini, 2010/11/09
- Re: [Qemu-devel] [PATCH] Out off array access in usb-net,
Markus Armbruster <=
- Re: [Qemu-devel] [PATCH] Out off array access in usb-net, Gleb Natapov, 2010/11/09
- Re: [Qemu-devel] [PATCH] Out off array access in usb-net, Markus Armbruster, 2010/11/09
- Re: [Qemu-devel] [PATCH] Out off array access in usb-net, Gleb Natapov, 2010/11/09
- Re: [Qemu-devel] [PATCH] Out off array access in usb-net, Markus Armbruster, 2010/11/09
- Re: [Qemu-devel] [PATCH] Out off array access in usb-net, Anthony Liguori, 2010/11/16
- Re: [Qemu-devel] [PATCH] Out off array access in usb-net, Gleb Natapov, 2010/11/16
Re: [Qemu-devel] [PATCH] Out off array access in usb-net, Anthony Liguori, 2010/11/16