[Qemu-devel] [PATCH 2/2] qxl/verify_surface_cmd: check format != 0 (bugg

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 2/2] qxl/verify_surface_cmd: check format != 0 (bugg

From:	Alon Levy
Subject:	[Qemu-devel] [PATCH 2/2] qxl/verify_surface_cmd: check format != 0 (buggy drivers can do that)
Date:	Tue, 20 Nov 2012 11:19:01 +0200

Signed-off-by: Alon Levy <address@hidden>
---
 hw/qxl.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/hw/qxl.c b/hw/qxl.c
index af5f68e..91e4fec 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -455,6 +455,12 @@ static int verify_surface_cmd(PCIQXLDevice *qxl, 
QXLSurfaceCmd *cmd)
             return 1;
         }
     }
+    if (cmd->type == QXL_SURFACE_CMD_CREATE &&
+        cmd->u.surface_create.format == 0) {
+        qxl_set_guest_bug(qxl, "QXL_CMD_SURFACE invalid format: %u\n",
+                          cmd->u.surface_create.format);
+        return 1;
+    }
     return 0;
 }
 
-- 
1.8.0

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH 1/2] hw/qxl: extract verify_surface_cmd from qxl_track_command, Alon Levy, 2012/11/20
- [Qemu-devel] [PATCH 2/2] qxl/verify_surface_cmd: check format != 0 (buggy drivers can do that), Alon Levy <=
- Re: [Qemu-devel] [PATCH 1/2] hw/qxl: extract verify_surface_cmd from qxl_track_command, Gerd Hoffmann, 2012/11/20
  - Re: [Qemu-devel] [PATCH 1/2] hw/qxl: extract verify_surface_cmd from qxl_track_command, Alon Levy, 2012/11/20

Prev by Date: Re: [Qemu-devel] [PATCH] qxl: Export "mode" as a property
Next by Date: [Qemu-devel] [PATCH 1/2] hw/qxl: extract verify_surface_cmd from qxl_track_command
Previous by thread: [Qemu-devel] [PATCH 1/2] hw/qxl: extract verify_surface_cmd from qxl_track_command
Next by thread: Re: [Qemu-devel] [PATCH 1/2] hw/qxl: extract verify_surface_cmd from qxl_track_command
Index(es):
- Date
- Thread