 Home |
Products |
Support |
Community |
News |
xen-changelog
[Xen-changelog] [xen-unstable] [HVM] Avoid buffer overrun in qemu-dm
| To: | xen-changelog@xxxxxxxxxxxxxxxxxxx |
|---|---|
| Subject: | [Xen-changelog] [xen-unstable] [HVM] Avoid buffer overrun in qemu-dm |
| From: | Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx> |
| Date: | Wed, 25 Oct 2006 15:20:14 +0000 |
| Delivery-date: | Wed, 25 Oct 2006 08:20:26 -0700 |
| Envelope-to: | www-data@xxxxxxxxxxxxxxxxxx |
| List-help: | <mailto:xen-changelog-request@lists.xensource.com?subject=help> |
| List-id: | BK change log <xen-changelog.lists.xensource.com> |
| List-post: | <mailto:xen-changelog@lists.xensource.com> |
| List-subscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe> |
| List-unsubscribe: | <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe> |
| Reply-to: | xen-devel@xxxxxxxxxxxxxxxxxxx |
| Sender: | xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx |
# HG changeset patch
# User Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>
# Node ID 72ce74a680d7a3d63f62b29d7e1ef844d55ffe32
# Parent ffbd9e4668a6cfd3c936c7344c194afe368f2642
[HVM] Avoid buffer overrun in qemu-dm
The array offset in set_bits_in_row here comes from an otherwise un-checked
VNC client request.
Signed-off-by: Tim Deegan <Tim.Deegan@xxxxxxxxxxxxx>
---
tools/ioemu/vnc.c | 2 ++
1 files changed, 2 insertions(+)
diff -r ffbd9e4668a6 -r 72ce74a680d7 tools/ioemu/vnc.c
--- a/tools/ioemu/vnc.c Wed Oct 25 10:59:00 2006 +0100
+++ b/tools/ioemu/vnc.c Wed Oct 25 11:39:57 2006 +0100
@@ -203,6 +203,8 @@ static void set_bits_in_row(VncState *vs
mask = ~(0ULL);
h += y;
+ if (h > vs->ds->height)
+ h = vs->ds->height;
for (; y < h; y++)
row[y] |= mask;
}
_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [Xen-changelog] [xen-unstable] [BLOCK] blkback: Fix potential grant entry leaks on error, Xen patchbot-unstable |
|---|---|
| Next by Date: | [Xen-changelog] [xen-unstable] [XEND] Be more generous with the default shadow allocation., Xen patchbot-unstable |
| Previous by Thread: | [Xen-changelog] [xen-unstable] [BLOCK] blkback: Fix potential grant entry leaks on error, Xen patchbot-unstable |
| Next by Thread: | [Xen-changelog] [xen-unstable] [XEND] Be more generous with the default shadow allocation., Xen patchbot-unstable |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
