Re: [PATCH] acpi: validate hotplug selector on access

2021-12-23 Thread Mauro Matteo Cascella
On Thu, Dec 23, 2021 at 2:43 PM Michael S. Tsirkin wrote: > > On Thu, Dec 23, 2021 at 10:58:14AM +0100, Mauro Matteo Cascella wrote: > > Hi, > > > > On Wed, Dec 22, 2021 at 9:52 PM Michael S. Tsirkin wrote: > > > > > > On Wed, Dec 22, 2021 at 09:27:51PM +0100, Philippe Mathieu-Daudé wrote: > > >

Re: [PATCH] acpi: validate hotplug selector on access

2021-12-23 Thread Michael S. Tsirkin
On Thu, Dec 23, 2021 at 10:58:14AM +0100, Mauro Matteo Cascella wrote: > Hi, > > On Wed, Dec 22, 2021 at 9:52 PM Michael S. Tsirkin wrote: > > > > On Wed, Dec 22, 2021 at 09:27:51PM +0100, Philippe Mathieu-Daudé wrote: > > > On Wed, Dec 22, 2021 at 9:20 PM Michael S. Tsirkin > > > wrote: > > >

Re: [PATCH] acpi: validate hotplug selector on access

2021-12-23 Thread Mauro Matteo Cascella
Hi, On Wed, Dec 22, 2021 at 9:52 PM Michael S. Tsirkin wrote: > > On Wed, Dec 22, 2021 at 09:27:51PM +0100, Philippe Mathieu-Daudé wrote: > > On Wed, Dec 22, 2021 at 9:20 PM Michael S. Tsirkin wrote: > > > On Wed, Dec 22, 2021 at 08:19:41PM +0100, Philippe Mathieu-Daudé wrote: > > > > +Mauro & A

Re: [PATCH] acpi: validate hotplug selector on access

2021-12-22 Thread Michael S. Tsirkin
On Wed, Dec 22, 2021 at 09:27:51PM +0100, Philippe Mathieu-Daudé wrote: > On Wed, Dec 22, 2021 at 9:20 PM Michael S. Tsirkin wrote: > > On Wed, Dec 22, 2021 at 08:19:41PM +0100, Philippe Mathieu-Daudé wrote: > > > +Mauro & Alex > > > > > > On 12/21/21 15:48, Michael S. Tsirkin wrote: > > > > When

Re: [PATCH] acpi: validate hotplug selector on access

2021-12-22 Thread Philippe Mathieu-Daudé
On Wed, Dec 22, 2021 at 9:20 PM Michael S. Tsirkin wrote: > On Wed, Dec 22, 2021 at 08:19:41PM +0100, Philippe Mathieu-Daudé wrote: > > +Mauro & Alex > > > > On 12/21/21 15:48, Michael S. Tsirkin wrote: > > > When bus is looked up on a pci write, we didn't > > > validate that the lookup succeeded.

Re: [PATCH] acpi: validate hotplug selector on access

2021-12-22 Thread Michael S. Tsirkin
On Wed, Dec 22, 2021 at 08:19:41PM +0100, Philippe Mathieu-Daudé wrote: > +Mauro & Alex > > On 12/21/21 15:48, Michael S. Tsirkin wrote: > > When bus is looked up on a pci write, we didn't > > validate that the lookup succeeded. > > Fuzzers thus can trigger QEMU crash by dereferencing the NULL > >

Re: [PATCH] acpi: validate hotplug selector on access

2021-12-22 Thread Philippe Mathieu-Daudé
+Mauro & Alex On 12/21/21 15:48, Michael S. Tsirkin wrote: > When bus is looked up on a pci write, we didn't > validate that the lookup succeeded. > Fuzzers thus can trigger QEMU crash by dereferencing the NULL > bus pointer. > > Fixes: b32bd763a1 ("pci: introduce acpi-index property for PCI devi

Re: [PATCH] acpi: validate hotplug selector on access

2021-12-21 Thread Ani Sinha
On Tue, 21 Dec 2021, Michael S. Tsirkin wrote: > When bus is looked up on a pci write, we didn't > validate that the lookup succeeded. > Fuzzers thus can trigger QEMU crash by dereferencing the NULL > bus pointer. Good fix. Nice catch. > > Fixes: b32bd763a1 ("pci: introduce acpi-index propert

Re: [PATCH] acpi: validate hotplug selector on access

2021-12-21 Thread Philippe Mathieu-Daudé
On 12/21/21 15:48, Michael S. Tsirkin wrote: > When bus is looked up on a pci write, we didn't > validate that the lookup succeeded. > Fuzzers thus can trigger QEMU crash by dereferencing the NULL > bus pointer. > > Fixes: b32bd763a1 ("pci: introduce acpi-index property for PCI device") > Cc: "Igo

[PATCH] acpi: validate hotplug selector on access

2021-12-21 Thread Michael S. Tsirkin
When bus is looked up on a pci write, we didn't validate that the lookup succeeded. Fuzzers thus can trigger QEMU crash by dereferencing the NULL bus pointer. Fixes: b32bd763a1 ("pci: introduce acpi-index property for PCI device") Cc: "Igor Mammedov" Fixes: https://gitlab.com/qemu-project/qemu/-/