[Qemu-devel] [PATCH 22/37] virtio-ccw: Queue sanity check for notify hypercall.

Michael Roth Tue, 02 Apr 2013 15:03:12 -0700

From: Cornelia Huck <cornelia.h...@de.ibm.com>

Verify that the virtio-ccw notify hypercall passed a reasonable
value for queue.


Cc: qemu-sta...@nongnu.org
Reported-by: Alexander Graf <ag...@suse.de>
Signed-off-by: Cornelia Huck <cornelia.h...@de.ibm.com>
(cherry picked from commit b57ed9bf075e33cdd2f9eb545ff555301dd57221)

Signed-off-by: Michael Roth <mdr...@linux.vnet.ibm.com>
---
 hw/s390x/s390-virtio-ccw.c |    3 +++
 1 file changed, 3 insertions(+)

diff --git a/hw/s390x/s390-virtio-ccw.c b/hw/s390x/s390-virtio-ccw.c
index 6549211..f90b5e4 100644
--- a/hw/s390x/s390-virtio-ccw.c
+++ b/hw/s390x/s390-virtio-ccw.c
@@ -31,6 +31,9 @@ static int virtio_ccw_hcall_notify(const uint64_t *args)
     if (!sch || !css_subch_visible(sch)) {
         return -EINVAL;
     }
+    if (queue >= VIRTIO_PCI_QUEUE_MAX) {
+        return -EINVAL;
+    }
     virtio_queue_notify(virtio_ccw_get_vdev(sch), queue);
     return 0;
 
-- 
1.7.9.5

[Qemu-devel] [PATCH 22/37] virtio-ccw: Queue sanity check for notify hypercall.

Reply via email to