Re: [Qemu-devel] [PATCH] scsi: check buffer length before reading scsi command

2016-06-01 Thread Paolo Bonzini
On 31/05/2016 19:53, P J P wrote:
> From: Prasad J Pandit
>
> The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte
> FIFO buffer. It is used to handle command and data transfer.
> Routine get_cmd() in non-DMA mode, uses 'ti_size' to read scsi
> command into a buffer. Add check to

[Qemu-devel] [PATCH] scsi: check buffer length before reading scsi command

2016-05-31 Thread P J P
From: Prasad J Pandit

The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte FIFO buffer. It is used to handle command and data transfer. Routine get_cmd() in non-DMA mode, uses 'ti_size' to read scsi command into a buffer. Add check to validate command length against buffer size to a