qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v1 1/1] sdhci.c: Limit the maximum block size

From: Stefan Hajnoczi
Subject: Re: [Qemu-devel] [PATCH v1 1/1] sdhci.c: Limit the maximum block size
Date: Thu, 8 Oct 2015 10:49:27 +0100
User-agent: Mutt/1.5.24 (2015-08-30) 
On Tue, Oct 06, 2015 at 11:34:46AM -0700, Peter Crosthwaite wrote:
> On Tue, Oct 6, 2015 at 10:40 AM, Alistair Francis
> <address@hidden> wrote:
> > It is possible for the guest to set an invalid block
> > size which is larger then the fifo_buffer[] array. This
> > could cause a buffer overflow.
> >
> > To avoid this limit the maximum size of the blksize variable.
> >
> > Signed-off-by: Alistair Francis <address@hidden>
> > Suggested-by: Igor Mitsyanko <address@hidden>
> > Reported-by: Intel Security ATR <address@hidden>
> > Reviewed-by: Stefan Hajnoczi <address@hidden>
> 
> Reviewed-by: Peter Crosthwaite <address@hidden>
> 
> With Pavan's patches and now this, the SD patches are starting to pile
> up on list. What queue do they target? target-arm (as lead/major user)
> or something block-related?

I can pick them up for now in my block pull requests.  Note that I'm not
an SD expert so I can't review/maintain the code.

Stefan
reply via email to
[Prev in Thread] Current Thread [Next in Thread]