diff options
author | Prasad J Pandit <pjp@fedoraproject.org> | 2017-11-16 13:21:55 +0530 |
---|---|---|
committer | Gerd Hoffmann <kraxel@redhat.com> | 2018-01-29 09:30:25 +0100 |
commit | 802cbcb73002b92e6ddc8464d39b668a71b78d74 (patch) | |
tree | d41d5087948347becb6df7b634445c0fa32c5a71 /hw/char | |
parent | a5f99be41ee8d874ab63c4abf733c91a483a28d4 (diff) | |
download | qemu-802cbcb73002b92e6ddc8464d39b668a71b78d74.zip qemu-802cbcb73002b92e6ddc8464d39b668a71b78d74.tar.gz qemu-802cbcb73002b92e6ddc8464d39b668a71b78d74.tar.bz2 |
ps2: check PS2Queue pointers in post_load routine
During Qemu guest migration, a destination process invokes ps2
post_load function. In that, if 'rptr' and 'count' values were
invalid, it could lead to OOB access or infinite loop issue.
Add check to avoid it.
Reported-by: Cyrille Chatras <cyrille.chatras@orange.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 20171116075155.22378-1-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Diffstat (limited to 'hw/char')
0 files changed, 0 insertions, 0 deletions