OSDN Git Service
(root)
/
qmiga
/
qemu.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
c246a62
)
ivhsmem: read do not accept more than sizeof(long)
author
Marc-André Lureau
<marcandre.lureau@redhat.com>
Fri, 19 Jun 2015 11:00:32 +0000
(13:00 +0200)
committer
Marc-André Lureau
<marcandre.lureau@redhat.com>
Sat, 24 Oct 2015 16:02:48 +0000
(18:02 +0200)
ivshmem_read() only reads sizeof(long) from the input buffer. Accepting
more could lead to fifo8 abort() on 32bit systems if fifo is not empty.
A following patch will change the protocol to 64-bit little-endian
instead.
Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Claudio Fontana <claudio.fontana@huawei.com>
hw/misc/ivshmem.c
patch
|
blob
|
history
diff --git
a/hw/misc/ivshmem.c
b/hw/misc/ivshmem.c
index
cc76989
..
fb53b3f
100644
(file)
--- a/
hw/misc/ivshmem.c
+++ b/
hw/misc/ivshmem.c
@@
-272,7
+272,7
@@
static void ivshmem_receive(void *opaque, const uint8_t *buf, int size)
static int ivshmem_can_receive(void * opaque)
{
- return
8
;
+ return
sizeof(long)
;
}
static void ivshmem_event(void *opaque, int event)