Re: [Qemu-devel] [PATCH] gtk: avoid oob array access

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH] gtk: avoid oob array access

From:	Gerd Hoffmann
Subject:	Re: [Qemu-devel] [PATCH] gtk: avoid oob array access
Date:	Wed, 04 Jan 2017 10:01:29 +0100

On Mi, 2016-12-07 at 13:55 +0300, Marc-André Lureau wrote:
> When too many consoles are created, vcs[] may be write out-of-bounds.
> 
> Signed-off-by: Marc-André Lureau <address@hidden>
> ---
>  ui/gtk.c | 5 +++++
>  1 file changed, 5 insertions(+)
> 
> diff --git a/ui/gtk.c b/ui/gtk.c
> index e81642876a..67c52179ee 100644
> --- a/ui/gtk.c
> +++ b/ui/gtk.c
> @@ -1696,6 +1696,11 @@ static CharDriverState *gd_vc_handler(ChardevVC *vc, 
> Error **errp)
>      ChardevCommon *common = qapi_ChardevVC_base(vc);
>      CharDriverState *chr;
>  
> +    if (nb_vcs == MAX_VCS) {
> +        error_setg(errp, "Maximum number of consoles reached");
> +        return NULL;
> +    }
> +
>      chr = qemu_chr_alloc(common, errp);
>      if (!chr) {
>          return NULL;

added to ui queue.

thanks,
  Gerd

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Qemu-devel] [PATCH] gtk: avoid oob array access, Gerd Hoffmann <=

Prev by Date: Re: [Qemu-devel] [PATCHv4 0/3] Move getting XWindow ID from baum driver to graphical backend
Next by Date: Re: [Qemu-devel] [PATCH v2] egl-helpers: Change file licensing to LGPLv2
Previous by thread: Re: [Qemu-devel] [PATCHv4 0/3] Move getting XWindow ID from baum driver to graphical backend
Next by thread: Re: [Qemu-devel] [PATCH v2] egl-helpers: Change file licensing to LGPLv2
Index(es):
- Date
- Thread