[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v1 1/1] sdhci.c: Limit the maximum block size
From: |
Stefan Hajnoczi |
Subject: |
Re: [Qemu-devel] [PATCH v1 1/1] sdhci.c: Limit the maximum block size |
Date: |
Thu, 8 Oct 2015 10:49:27 +0100 |
User-agent: |
Mutt/1.5.24 (2015-08-30) |
On Tue, Oct 06, 2015 at 11:34:46AM -0700, Peter Crosthwaite wrote:
> On Tue, Oct 6, 2015 at 10:40 AM, Alistair Francis
> <address@hidden> wrote:
> > It is possible for the guest to set an invalid block
> > size which is larger then the fifo_buffer[] array. This
> > could cause a buffer overflow.
> >
> > To avoid this limit the maximum size of the blksize variable.
> >
> > Signed-off-by: Alistair Francis <address@hidden>
> > Suggested-by: Igor Mitsyanko <address@hidden>
> > Reported-by: Intel Security ATR <address@hidden>
> > Reviewed-by: Stefan Hajnoczi <address@hidden>
>
> Reviewed-by: Peter Crosthwaite <address@hidden>
>
> With Pavan's patches and now this, the SD patches are starting to pile
> up on list. What queue do they target? target-arm (as lead/major user)
> or something block-related?
I can pick them up for now in my block pull requests. Note that I'm not
an SD expert so I can't review/maintain the code.
Stefan