Re: [Qemu-devel] [PATCH] gtk: avoid oob array access
From: Gerd Hoffmann
Subject: Re: [Qemu-devel] [PATCH] gtk: avoid oob array access
Date: Wed, 04 Jan 2017 10:01:29 +0100
On Mi, 2016-12-07 at 13:55 +0300, Marc-André Lureau wrote:
> When too many consoles are created, vcs[] may be written out-of-bounds.
>
> Signed-off-by: Marc-André Lureau <address@hidden>
> ---
> ui/gtk.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/ui/gtk.c b/ui/gtk.c
> index e81642876a..67c52179ee 100644
> --- a/ui/gtk.c
> +++ b/ui/gtk.c
> @@ -1696,6 +1696,11 @@ static CharDriverState *gd_vc_handler(ChardevVC *vc,
> Error **errp)
> ChardevCommon *common = qapi_ChardevVC_base(vc);
> CharDriverState *chr;
>
> + if (nb_vcs == MAX_VCS) {
> + error_setg(errp, "Maximum number of consoles reached");
> + return NULL;
> + }
> +
> chr = qemu_chr_alloc(common, errp);
> if (!chr) {
> return NULL;
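
Review bot: the new guard at the top of gd_vc_handler() tests `nb_vcs == MAX_VCS`, which only trips at exactly the limit; `nb_vcs >= MAX_VCS` would keep rejecting new consoles even if the counter ever ended up past the bound by another path, at no extra cost. The placement before qemu_chr_alloc() is right, since the early `return NULL` then has nothing to free. The hunk does not show where nb_vcs is incremented or where vcs[] is indexed, so it is worth confirming that this handler is the only place that grows the array. The error text could also name the limit so the user knows how many consoles are allowed.
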
added to ui queue.
thanks,
Gerd