These two patches fix a couple of issues which were found by the fuzzer as a
consequence of allowing the guest to change the SCSI block size in commit
356c4c441e ("scsi-disk: allow MODE SELECT block descriptor to set the block
size").
Signed-off-by: Mark Cave-Ayland <mark.cave-ayl...@ilande.co.uk>
Mark Cave-Ayland (2):
scsi-disk: fix overflow when block size is not a multiple of
BDRV_SECTOR_SIZE
scsi-disk: ensure block size is non-zero and changes limited to bits
8-15
hw/scsi/scsi-disk.c | 25 ++++++++++++++++++-------
1 file changed, 18 insertions(+), 7 deletions(-)
--
2.30.2
