| commit | 3328c14e63f08fb07e8c6dec779c9d365e9e9864 | |
| author | hangaohuai <hangaohuai@huawei.com> | |
| Tue, 14 Mar 2017 06:39:19 +0000 (14 14:39 +0800) | ||
| committer | Michael Roth <mdroth@linux.vnet.ibm.com> | |
| Tue, 21 Mar 2017 20:03:08 +0000 (21 15:03 -0500) | ||
| tree | d2440e28ca89fc7b84b8dce66e7342e311b956e5 | treesnapshot (tar.gz zip) |
| parent | a99fd943c4ee49cea7600f185a01ae0cfe1cc3e9 | commitdiff |
fix :cirrus_vga fix OOB read case qemu Segmentation fault
check the validity of parameters in cirrus_bitblt_rop_fwd_transp_xxx
and cirrus_bitblt_rop_fwd_xxx to avoid the OOB read which causes qemu Segmentation fault.
After the fix, we will touch the assert in
cirrus_invalidate_region:
assert(off_cur_end >= off_cur);
Signed-off-by: fangying <fangying1@huawei.com>
Signed-off-by: hangaohuai <hangaohuai@huawei.com>
Message-id: 20170314063919.16200-1-hangaohuai@huawei.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 215902d7b6fb50c6fc216fc74f770858278ed904)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
check the validity of parameters in cirrus_bitblt_rop_fwd_transp_xxx
and cirrus_bitblt_rop_fwd_xxx to avoid the OOB read which causes qemu Segmentation fault.
After the fix, we will touch the assert in
cirrus_invalidate_region:
assert(off_cur_end >= off_cur);
Signed-off-by: fangying <fangying1@huawei.com>
Signed-off-by: hangaohuai <hangaohuai@huawei.com>
Message-id: 20170314063919.16200-1-hangaohuai@huawei.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
(cherry picked from commit 215902d7b6fb50c6fc216fc74f770858278ed904)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
| hw/display/cirrus_vga_rop.h | diffblobblamehistory |