Re: [Qemu-devel] [PATCH 07/23] hw/pci/pcie_aer.c: fix buffer overruns on

From: Peter Maydell
Subject: Re: [Qemu-devel] [PATCH 07/23] hw/pci/pcie_aer.c: fix buffer overruns on invalid state load
Date: Tue, 3 Dec 2013 21:25:49 +0000

On 3 December 2013 21:19, Eric Blake <address@hidden> wrote:
> On 12/03/2013 01:59 PM, Peter Maydell wrote:
>> If a QEMU with this patch sends data to a QEMU without it, then the
>> receiving end will think it should expect log_num array entries but the
>> sending end is going to send log_max of them. Conversely, an old->new
>> migration is going to send fewer array entries than the destination
>> expects. Or have I misinterpreted how the VARRAY entries work?
> If a qemu sends data larger than the field, the source side is already
> compromised.

Not if the reason it's sending data larger than the field is because
it's a non-compromised QEMU with this patch which makes it send
log_max entries regardless of log_num, surely?

-- PMM
