[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH] cryptodev-vhost-user: fix a oob access
From: |
Li Qiang |
Subject: |
[Qemu-devel] [PATCH] cryptodev-vhost-user: fix a oob access |
Date: |
Sun, 17 Mar 2019 02:09:48 -0700 |
The 'queue_index' of create/close_session function
is from guest and can be exceed 'MAX_CRYPTO_QUEUE_NUM'.
This leads oob access. This patch avoid this.
Signed-off-by: Li Qiang <address@hidden>
---
backends/cryptodev-vhost-user.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/backends/cryptodev-vhost-user.c b/backends/cryptodev-vhost-user.c
index 1052a5d0e9..36a40eeb4d 100644
--- a/backends/cryptodev-vhost-user.c
+++ b/backends/cryptodev-vhost-user.c
@@ -236,6 +236,8 @@ static int64_t cryptodev_vhost_user_sym_create_session(
CryptoDevBackendSymSessionInfo *sess_info,
uint32_t queue_index, Error **errp)
{
+ assert(queue_index < MAX_CRYPTO_QUEUE_NUM);
+
CryptoDevBackendClient *cc =
backend->conf.peers.ccs[queue_index];
CryptoDevBackendVhost *vhost_crypto;
@@ -262,6 +264,8 @@ static int cryptodev_vhost_user_sym_close_session(
uint64_t session_id,
uint32_t queue_index, Error **errp)
{
+ assert(queue_index < MAX_CRYPTO_QUEUE_NUM);
+
CryptoDevBackendClient *cc =
backend->conf.peers.ccs[queue_index];
CryptoDevBackendVhost *vhost_crypto;
--
2.17.1
- [Qemu-devel] [PATCH] cryptodev-vhost-user: fix a oob access,
Li Qiang <=