I might be mistaken, but I don't think this patch actually fixes
CVE-2017-13672. I tested the latest git repo (last commit 530049bc1d)
against my initial reproducer, and QEMU still segfaults.

I think this is because the actual OOB read occurs inside pixman, which
of course is not affected by this patch. Perhaps bounds checks need to
be applied to the arguments passed into pixman?
