Re: [PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device (

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device (

From:	P J P
Subject:	Re: [PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582)
Date:	Thu, 17 Jun 2021 09:38:22 +0000 (UTC)

On Wednesday, 16 June, 2021, 04:36:09 pm IST, Marcel Apfelbaum 
<marcel.apfelbaum@gmail.com> wrote:
>From: Marcel Apfelbaum <marcel@redhat.com>
>diff --git a/hw/rdma/vmw/pvrdma_cmd.c b/hw/rdma/vmw/pvrdma_cmd.c
>index f59879e257..dadab4966b 100644
>--- a/hw/rdma/vmw/pvrdma_cmd.c
>+++ b/hw/rdma/vmw/pvrdma_cmd.c
>@@ -38,6 +38,12 @@ static void *pvrdma_map_to_pdir(PCIDevice *pdev, uint64_t 
>pdir_dma,
>        return NULL;
>    }
>
>+    length = ROUND_UP(length, TARGET_PAGE_SIZE);
>+    if (nchunks * TARGET_PAGE_SIZE != length) {
>+        rdma_error_report("Invalid nchunks/length (%u, %lu)", nchunks, 
>length);
>+        return NULL;
>+    }
>+
>    dir = rdma_pci_dma_map(pdev, pdir_dma, TARGET_PAGE_SIZE);
>    if (!dir) {
>        rdma_error_report("Failed to map to page directory");
>

Looks okay.
Reviewed-by: Prasad J Pandit <pjp@fedoraproject.org>


Thank you.
---
  -P J P
http://feedmug.com

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582), Marcel Apfelbaum, 2021/06/16
- Re: [PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582), P J P <=
- Re: [PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582), Yuval Shaia, 2021/06/18

Prev by Date: Re: [PATCH v4 7/7] crypto: Make QCryptoTLSCreds* structures private
Next by Date: Re: [PULL 00/34] NBD patches for 2021-06-15
Previous by thread: [PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582)
Next by thread: Re: [PATCH] hw/rdma: Fix possible mremap overflow in the pvrdma device (CVE-2021-3582)
Index(es):
- Date
- Thread