Re: [Qemu-devel] [PATCH v2] virtio-serial: fix heap-over-flow

On Wed, Apr 04, 2018 at 10:53:22AM +0100, Stefan Hajnoczi wrote: > On Wed, Mar 28, 2018 at 09:34:35PM +0800, linzhecheng wrote: > > Check device having the feature of VIRTIO_CONSOLE_F_EMERG_WRITE before > > get config->emerg_wr. It is neccessary because sizeof(virtio_console_config) > > is 8 byte i

Re: [Qemu-devel] [PATCH v2] virtio-serial: fix heap-over-flow

On Wed, Mar 28, 2018 at 09:34:35PM +0800, linzhecheng wrote: > Check device having the feature of VIRTIO_CONSOLE_F_EMERG_WRITE before > get config->emerg_wr. It is neccessary because sizeof(virtio_console_config) > is 8 byte if VirtIOSerial doesn't have the feature of > VIRTIO_CONSOLE_F_EMERG_WRITE

[Qemu-devel] [PATCH v2] virtio-serial: fix heap-over-flow

Check device having the feature of VIRTIO_CONSOLE_F_EMERG_WRITE before get config->emerg_wr. It is neccessary because sizeof(virtio_console_config) is 8 byte if VirtIOSerial doesn't have the feature of VIRTIO_CONSOLE_F_EMERG_WRITE(see virtio_serial_device_realize), read/write emerg_wr will lead to