qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH 4/4] vnc: Limit r/w access to size of allocated

From: Stefan Weil
Subject: Re: [Qemu-devel] [PATCH 4/4] vnc: Limit r/w access to size of allocated memory
Date: Sun, 10 Apr 2011 08:28:02 +0200
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.14) Gecko/20110223 Thunderbird/3.1.8 
Am 10.04.2011 00:17, schrieb Aurelien Jarno:

On Mon, Mar 21, 2011 at 09:34:38AM +0100, Corentin Chary wrote:

From: Stefan Weil <address@hidden>

This fixes memory reads and writes which exceeded the upper limit
of allocated memory vd->guest.ds->data and vd->server->data.

Cc: Anthony Liguori <address@hidden>
Signed-off-by: Stefan Weil <address@hidden>
Signed-off-by: Corentin Chary <address@hidden>
---
ui/vnc.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/ui/vnc.c b/ui/vnc.c
index 90b6384..3138053 100644
--- a/ui/vnc.c
+++ b/ui/vnc.c
@@ -2414,6 +2414,9 @@ static int vnc_refresh_server_surface(VncDisplay *vd) 
* Update server dirty map.
*/
cmp_bytes = 16 * ds_get_bytes_per_pixel(vd->ds);
+ if (cmp_bytes > vd->ds->surface->linesize) {
+ cmp_bytes = vd->ds->surface->linesize;
+ }


What about using ds_get_linesize(vd->ds) instead?


Yes, that's better. Please either change the two lines, or
wait until I have sent a new version of the patch.

The patch should be applied to stable, too.

Thanks,
Stefan
reply via email to
[Prev in Thread] Current Thread [Next in Thread]