I might be mistaken, but I don't think this patch actually fixes
CVE-2017-13672. I tested the latest git repo (last commit 530049bc1d)
against my initial reproducer, and QEMU still segfaults.
I think this is because the actual OOB read occurs inside pixman, which
of course is not affected by this.
On 09/10/17 13:56, Gerd Hoffmann wrote:
> How do you start
> qemu? Which user interface?
Like this:
qemu-system-x86_64 -vga cirrus [disk image]
(which I assume is using the GTK interface)
I have attached the reproducer NASM source and disk image.
Note that the reproducer is using VBE.
> Have y