| commit | 802cbcb73002b92e6ddc8464d39b668a71b78d74 | |
| author | Prasad J Pandit <pjp@fedoraproject.org> | |
| Thu, 16 Nov 2017 07:51:55 +0000 (16 13:21 +0530) | ||
| committer | Gerd Hoffmann <kraxel@redhat.com> | |
| Mon, 29 Jan 2018 08:30:25 +0000 (29 09:30 +0100) | ||
| tree | d41d5087948347becb6df7b634445c0fa32c5a71 | treesnapshot (tar.gz zip) |
| parent | a5f99be41ee8d874ab63c4abf733c91a483a28d4 | commitdiff |
ps2: check PS2Queue pointers in post_load routine
During Qemu guest migration, a destination process invokes ps2
post_load function. In that, if 'rptr' and 'count' values were
invalid, it could lead to OOB access or infinite loop issue.
Add check to avoid it.
Reported-by: Cyrille Chatras <cyrille.chatras@orange.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20171116075155.22378-1-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
During Qemu guest migration, a destination process invokes ps2
post_load function. In that, if 'rptr' and 'count' values were
invalid, it could lead to OOB access or infinite loop issue.
Add check to avoid it.
Reported-by: Cyrille Chatras <cyrille.chatras@orange.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20171116075155.22378-1-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
| hw/input/ps2.c | diffblobblamehistory |