On 20 January 2016 at 18:50, P J P <ppan...@redhat.com> wrote: > From: Prasad J Pandit <p...@fedoraproject.org> > > While processing standard SD commands, the 'req.cmd' value could > lead to OOB read when used as an index into 'sd_cmd_type' or > 'sd_cmd_class' arrays. Limit 'req.cmd' value to avoid such an > access. > > Reported-by: Qinghao Tang <luodalon...@gmail.com> > Signed-off-by: Prasad J Pandit <p...@fedoraproject.org> > --- > hw/sd/sd.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > Update as per review: > -> https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03769.html
Reviewed-by: Peter Maydell <peter.mayd...@linaro.org> thanks -- PMM
