Cc'ing Marc-André our signed/unsigned conversion expert (with Paolo).
On 5/7/20 12:57 PM, P J P wrote:
From: Prasad J Pandit <p...@fedoraproject.org> Hello, * This series fixes an OOB access issue which may occur when a guest user sets 's->reply_queue_head' field to a negative(or large positive) value, via 'struct mfi_init_qinfo' object in megasas_init_firmware().
Do you have a reproducer?
* Second patch updates other numeric fields of MegasasState to unsigned type. Thank you. --- Prasad J Pandit (2): megasas: use unsigned type for reply_queue_head megasas: use unsigned type for positive numeric fields hw/scsi/megasas.c | 40 ++++++++++++++++++++-------------------- 1 file changed, 20 insertions(+), 20 deletions(-)
