> Thanks for the patch. I'm planning on giving Dave Airlie's series a
> try for 0.12.0. I'm pretty comfortable with those patches (since a
> few of them are mine :-)). I also don't think vmware-vga is going to
> be reliable without them so I don't think pulling in the one fix is
> good enough.
>
> His last patch has the same fix without the printf(). The printf is
> probably something to avoid since a malicious guest could create a
> storm of them. Since libvirt logs stderr by default, the result could
> be pretty nasty.

Fair enough... I just saw Dave's patches go by, and I guess we
independently fixed the cursor size thing at right around the same time.
How about the following, without the fprintf but with paranoid checks
(since a malicious guest could send a bad DEFINE_CURSOR and do who knows
what with the buffer overrun, which is even worse than spamming logs ;)