[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] hw/i386/intel_iommu: Fix out-of-bounds access on guest IRT
From: |
Peter Xu |
Subject: |
Re: [PATCH] hw/i386/intel_iommu: Fix out-of-bounds access on guest IRT |
Date: |
Tue, 10 Mar 2020 14:04:32 -0400 |
On Tue, Mar 10, 2020 at 06:42:11PM +0100, Jan Kiszka wrote:
> From: Jan Kiszka <address@hidden>
>
> vtd_irte_get failed to check the index against the configured table
> size, causing an out-of-bounds access on guest memory and potentially
> misinterpreting the result.
>
> Signed-off-by: Jan Kiszka <address@hidden>
Reviewed-by: Peter Xu <address@hidden>
> ---
>
> BTW, we still miss error reporting emulation, right? Therefore, I added
> that simple error_report_once thing, like the other paths do.
Yes...
Thanks,
--
Peter Xu