[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v2 0/9] ccid-card-passthru: check buffer size parame
From: |
Philippe Mathieu-Daudé |
Subject: |
[Qemu-devel] [PATCH v2 0/9] ccid-card-passthru: check buffer size parameter |
Date: |
Thu, 14 Feb 2019 21:19:30 +0100 |
Hi,
This is the v2 of Prasad J Pandit first version [*], with Paolo's
review comment addressed.
This is a quick fix for CVE-2018-18438: "Integer overflow in
ccid_card_vscard_read() allows memory corruption".
Please review,
Phil.
[*] https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02200.html
Philippe Mathieu-Daudé (9):
ccid-card-passthru: Move assertion in read() to can_read()
ccid-card-passthru: Replace never trigger if statement by an assertion
ccid-card-passthru: Assert on a stricter expression
ccid-card-passthru: Let the chardev::read() be more generic
ccid-card-passthru: Replace assert() by QEMU_BUILD_BUG_ON()
ccid-card-passthru: Simplify the if() condition
ccid-card-passthru: Use QERR_MISSING_PARAMETER
ccid-card-passthru: Use size_t to hold size argument
ccid-card-passthru: Use size_t for index
hw/usb/ccid-card-passthru.c | 73 +++++++++++++++++--------------------
1 file changed, 34 insertions(+), 39 deletions(-)
--
2.20.1
- [Qemu-devel] [PATCH v2 0/9] ccid-card-passthru: check buffer size parameter,
Philippe Mathieu-Daudé <=
[Qemu-devel] [PATCH v2 3/9] ccid-card-passthru: Assert on a stricter expression, Philippe Mathieu-Daudé, 2019/02/14