OSDN Git Service
(root)
/
qmiga
/
qemu.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
87ad860
)
Revert "nvme: fix oob access issue(CVE-2018-16847)"
author
Kevin Wolf
<kwolf@redhat.com>
Thu, 22 Nov 2018 14:52:20 +0000
(15:52 +0100)
committer
Kevin Wolf
<kwolf@redhat.com>
Thu, 22 Nov 2018 15:43:52 +0000
(16:43 +0100)
This reverts commit
5e3c0220d7e4f0361c4d36c697a8842f2b583402
.
We have a better fix commited for this now.
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
hw/block/nvme.c
patch
|
blob
|
history
diff --git
a/hw/block/nvme.c
b/hw/block/nvme.c
index
8c35cab
..
84062d3
100644
(file)
--- a/
hw/block/nvme.c
+++ b/
hw/block/nvme.c
@@
-1177,10
+1177,6
@@
static void nvme_cmb_write(void *opaque, hwaddr addr, uint64_t data,
unsigned size)
{
NvmeCtrl *n = (NvmeCtrl *)opaque;
-
- if (addr + size > NVME_CMBSZ_GETSIZE(n->bar.cmbsz)) {
- return;
- }
memcpy(&n->cmbuf[addr], &data, size);
}
@@
-1189,9
+1185,6
@@
static uint64_t nvme_cmb_read(void *opaque, hwaddr addr, unsigned size)
uint64_t val;
NvmeCtrl *n = (NvmeCtrl *)opaque;
- if (addr + size > NVME_CMBSZ_GETSIZE(n->bar.cmbsz)) {
- return 0;
- }
memcpy(&val, &n->cmbuf[addr], size);
return val;
}