Re: [Qemu-devel] [PATCH] fix :cirrus_vga fix OOB read case qemu Segmenta
From: Gerd Hoffmann
Subject: Re: [Qemu-devel] [PATCH] fix :cirrus_vga fix OOB read case qemu Segmentation fault
Date: Mon, 13 Mar 2017 14:55:07 +0100
> @@ -97,6 +97,11 @@ glue(glue(cirrus_bitblt_rop_fwd_transp_,
> ROP_NAME),_8)(CirrusVGAState *s,
> uint8_t p;
> dstpitch -= bltwidth;
> srcpitch -= bltwidth;
> +
> + if (dstpitch < 0 || srcpitch < 0) {
> + return;
> + }
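Review bot: The new guard after `srcpitch -= bltwidth;` returns silently and carries no comment saying what a negative value means at this point. Both variables have just had bltwidth subtracted, so the test is effectively "pitch smaller than blit width"; a one-line comment stating that, and that the blit is dropped on purpose to avoid the out-of-bounds read named in the subject, would make the intent clear to later readers of this function.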
Shouldn't that be ...
if (bltheight > 1 && (dstpitch < 0 || srcpitch < 0)) {
... matching the check of the non-transparent version a few lines up in
the same source file?
cheers,
Gerd