Re: [PATCH] vnc: avoid underflow when accessing user-provided address

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] vnc: avoid underflow when accessing user-provided address

From:	Vladimir Sementsov-Ogievskiy
Subject:	Re: [PATCH] vnc: avoid underflow when accessing user-provided address
Date:	Fri, 21 Apr 2023 12:44:15 +0300
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.9.0

On 30.03.23 15:44, Paolo Bonzini wrote:

If hostlen is zero, there is a possibility that addrstr[hostlen - 1]
underflows and, if a closing bracked is there, hostlen - 2 is passed
to g_strndup() on the next line.  If websocket==false then
addrstr[0] would be a colon, but if websocket==true this could in
principle happen.

Fix it by checking hostlen.

Reported by Coverity.

Signed-off-by: Paolo Bonzini<pbonzini@redhat.com>


I've already sent a similar patch, yes, but let's finally merge any:)

Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@yandex-team.ru>

--
Best regards,
Vladimir

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [PATCH] vnc: avoid underflow when accessing user-provided address, Vladimir Sementsov-Ogievskiy <=

Prev by Date: Re: [RFC PATCH 05/13] gfxstream + rutabaga prep: virtio_gpu_gl -> virtio_gpu_virgl
Next by Date: Re: [RFC PATCH 07/13] gfxstream + rutabaga prep: define callbacks in realize function
Previous by thread: Re: [PATCH 2/3] block: do not check bdrv_file_open
Next by thread: Re: test-blockjob: intermittent CI failures in msys2-64bit job
Index(es):
- Date
- Thread