[Qemu-stable] [PATCH 35/37] linux-user: make bogus negative iovec length
From: Michael Roth
Subject: [Qemu-stable] [PATCH 35/37] linux-user: make bogus negative iovec lengths fail EINVAL
Date: Tue, 2 Apr 2013 16:45:40 -0500
From: Peter Maydell <address@hidden>
If the guest passes us a bogus negative length for an iovec, fail
EINVAL rather than proceeding blindly forward. This fixes some of
the error cases tests for readv and writev in the LTP.
Signed-off-by: Peter Maydell <address@hidden>
Reviewed-by: Richard Henderson <address@hidden>
Signed-off-by: Riku Voipio <address@hidden>
(cherry picked from commit dfae8e00f8ddeedcda24bd28f71d4fd2a9f988b8)
Signed-off-by: Michael Roth <address@hidden>
---
linux-user/syscall.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/linux-user/syscall.c b/linux-user/syscall.c
index 7bc5ba9..b682357 100644
--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
@@ -1776,7 +1776,7 @@ static struct iovec *lock_iovec(int type, abi_ulong
target_addr,
errno = 0;
return NULL;
}
- if (count > IOV_MAX) {
+ if (count < 0 || count > IOV_MAX) {
errno = EINVAL;
return NULL;
}
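Review bot: in the changed condition `if (count < 0 || count > IOV_MAX)`, the `count < 0` half only has an effect if `count` is a signed type, and its declaration is not visible in this hunk (the function header shown stops at `abi_ulong target_addr,`). If `count` were unsigned, the comparison would always be false and a negative guest value would be rejected only because it appears as a large number to `count > IOV_MAX`, so it is worth confirming the parameter is signed. Separately, the subject and commit message speak of a negative iovec "length", while the test is on the number of entries; wording such as "negative iovec count", or a short comment above the test, would make clear that this line does not validate the per-entry `iov_len` values.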
--
1.7.9.5