>>> On 04.03.16 at 15:09, <konrad.w...@oracle.com> wrote:
> On Fri, Mar 04, 2016 at 01:21:19AM -0700, Jan Beulich wrote:
>> In the course of backporting other XSA fixes to very old trees I had
>> noticed that the XSA-155 had shrunk to just the change to
>> xen/include/public/io/ring.h at some point, which didn't seem right.
>> Clearly up to 4.5 the situation of blktap1 is the same as that of
>> blktap2, i.e. one would think it also needs to be fixed. However, in
>> the course of doing so I stumbled across the code blindly using
>> req->id as an array index (which similarly is the case for blktap2).
>> That alone would be another security issue, if only the first change
>
> Yes. We fixed that in blkback some time ago, but yes that code base
> has some quite errant bugs in it.
>
> Would love to say I can fix them, but the TODO list is getting
> a bit long.

But my point was - there is (and was) nothing to fix there.

Jan

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
http://lists.xen.org/xen-devel