qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH for-2.3 2/4] virtio-ccw: range check in READ_VQ_CONF


From: Cornelia Huck
Subject: [Qemu-devel] [PATCH for-2.3 2/4] virtio-ccw: range check in READ_VQ_CONF
Date: Thu, 26 Mar 2015 16:36:00 +0100

Processing for READ_VQ_CONF needs to check whether the requested queue
value is actually in the supported range and post a channel program
check if not.

Cc: address@hidden
Reviewed-by: David Hildenbrand <address@hidden>
Signed-off-by: Cornelia Huck <address@hidden>
---
 hw/s390x/virtio-ccw.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hw/s390x/virtio-ccw.c b/hw/s390x/virtio-ccw.c
index ceb6a45..d32ecaf 100644
--- a/hw/s390x/virtio-ccw.c
+++ b/hw/s390x/virtio-ccw.c
@@ -549,6 +549,10 @@ static int virtio_ccw_cb(SubchDev *sch, CCW1 ccw)
             ret = -EFAULT;
         } else {
             vq_config.index = lduw_be_phys(&address_space_memory, ccw.cda);
+            if (vq_config.index >= VIRTIO_PCI_QUEUE_MAX) {
+                ret = -EINVAL;
+                break;
+            }
             vq_config.num_max = virtio_queue_get_num(vdev,
                                                      vq_config.index);
             stw_be_phys(&address_space_memory,
-- 
2.3.4




reply via email to

[Prev in Thread] Current Thread [Next in Thread]