[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH v3 0/4] ivshmem security fixes
From: |
Andreas Färber |
Subject: |
[Qemu-devel] [PATCH v3 0/4] ivshmem security fixes |
Date: |
Mon, 15 Sep 2014 18:40:04 +0200 |
Hello,
This series tightens security on incoming data for ivshmem, originally sparked
by SUSE's security team (Sebastian Krahmer). I've combined them and tackled
remaining review feedback.
Regards,
Andreas
Changes from Sebastian's #2:
* Rebased onto Stefan's patches
* Dropped g_realloc() check (Stefan)
* Fixed fd leak and appended a patch fixing another one (Stefan)
* Simplified comment (Stefan)
Changes from Stefan's series:
* Modified to handle partial reads (Peter/Gerd)
* Changed check from > to >= (Peter)
Cc: Cam Macdonell <address@hidden>
Cc: Stefan Hajnoczi <address@hidden>
Cc: Michael S. Tsirkin <address@hidden>
Cc: Sebastian Krahmer <address@hidden>
Cc: Peter Maydell <address@hidden>
Cc: Gerd Hoffmann <address@hidden>
Cc: David Marchand <address@hidden>
Andreas Färber (1):
ivshmem: Fix fd leak on error
Sebastian Krahmer (1):
ivshmem: Fix potential OOB r/w access
Stefan Hajnoczi (2):
ivshmem: Check ivshmem_read() size argument
ivshmem: validate incoming_posn value from server
hw/misc/ivshmem.c | 66 ++++++++++++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 60 insertions(+), 6 deletions(-)
--
1.8.4.5
- [Qemu-devel] [PATCH v3 0/4] ivshmem security fixes,
Andreas Färber <=