[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH v1 1/1] sdhci.c: Limit the maximum block size
|
From: |
Alistair Francis |
|
Subject: |
Re: [Qemu-devel] [PATCH v1 1/1] sdhci.c: Limit the maximum block size |
|
Date: |
Thu, 8 Oct 2015 08:46:40 -0700 |
On Thu, Oct 8, 2015 at 2:49 AM, Stefan Hajnoczi <address@hidden> wrote:
> On Tue, Oct 06, 2015 at 11:34:46AM -0700, Peter Crosthwaite wrote:
>> On Tue, Oct 6, 2015 at 10:40 AM, Alistair Francis
>> <address@hidden> wrote:
>> > It is possible for the guest to set an invalid block
>> > size which is larger then the fifo_buffer[] array. This
>> > could cause a buffer overflow.
>> >
>> > To avoid this limit the maximum size of the blksize variable.
>> >
>> > Signed-off-by: Alistair Francis <address@hidden>
>> > Suggested-by: Igor Mitsyanko <address@hidden>
>> > Reported-by: Intel Security ATR <address@hidden>
>> > Reviewed-by: Stefan Hajnoczi <address@hidden>
>>
>> Reviewed-by: Peter Crosthwaite <address@hidden>
>>
>> With Pavan's patches and now this, the SD patches are starting to pile
>> up on list. What queue do they target? target-arm (as lead/major user)
>> or something block-related?
>
> I can pick them up for now in my block pull requests. Note that I'm not
> an SD expert so I can't review/maintain the code.
Thanks :) Applying them should be enough
Alistair
>
> Stefan
>