[Qemu-devel] [PATCH] virtio: abort on zero config length
From: Jason Wang
Subject: [Qemu-devel] [PATCH] virtio: abort on zero config length
Date: Thu, 25 Apr 2013 15:43:27 +0800
In fact, we don't support a zero-length config length for virtio devices. And it can
lead to outbound memory access. So abort on zero config length to catch the bug
earlier.
Signed-off-by: Jason Wang <address@hidden>
---
hw/virtio/virtio.c | 7 ++-----
1 files changed, 2 insertions(+), 5 deletions(-)
diff --git a/hw/virtio/virtio.c b/hw/virtio/virtio.c
index 1c2282c..a6fa667 100644
--- a/hw/virtio/virtio.c
+++ b/hw/virtio/virtio.c
@@ -923,6 +923,7 @@ void virtio_init(VirtIODevice *vdev, const char *name,
uint16_t device_id, size_t config_size)
{
int i;
+ assert(config_size);
vdev->device_id = device_id;
vdev->status = 0;
vdev->isr = 0;
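Review bot: the assert(config_size) at the top of virtio_init carries no comment and produces a failure message that does not name the device, although the name parameter is in scope here. A short comment stating why zero is rejected (the commit message's point that a zero-length config is unsupported and leads to bad memory access) would tell people writing new virtio devices what the contract is. Since assert() is compiled out when NDEBUG is defined, an explicit check that reports name and then calls abort() would keep the guard in every build.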
@@ -938,11 +939,7 @@ void virtio_init(VirtIODevice *vdev, const char *name,
vdev->name = name;
vdev->config_len = config_size;
- if (vdev->config_len) {
- vdev->config = g_malloc0(config_size);
- } else {
- vdev->config = NULL;
- }
+ vdev->config = g_malloc0(config_size);
vdev->vmstate = qemu_add_vm_change_state_handler(virtio_vmstate_change,
vdev);
}
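Review bot: after the if (vdev->config_len) branch is dropped, the unconditional vdev->config = g_malloc0(config_size) depends entirely on the assert added at the top of virtio_init. g_malloc0(0) returns NULL, so in any build where that assert is disabled a zero config_size still leaves config NULL with config_len 0, which is the state the commit message says leads to the bad access. The patch also only touches virtio_init, so the protection exists at init time only; it would help to say in the commit message which config access path goes out of bounds, and whether that path should check the offset against config_len as well.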
--
1.7.1