
[Xen-devel] Qemu PCI potential buffer overrun patch

  • To: "Xen devel list" <xen-devel@xxxxxxxxxxxxxxxxxxx>
  • From: "Zulauf, John" <john.zulauf@xxxxxxxxx>
  • Date: Wed, 7 Feb 2007 13:37:22 -0800
  • Delivery-date: Wed, 07 Feb 2007 13:37:52 -0800
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>
  • Thread-index: AcdLACcC5V947A8nT6iuBTiWL0/ZIw==
  • Thread-topic: Qemu PCI potential buffer overrun patch

I've been digging around the guts of ioemu's pci support and noticed
that it is possible for a pci_register_device (in tools/ioemu/hw/pci.c)
to create a device structure s.t. it will buffer overflow before
completing the routine (when it sets the irq value).

The attached patch makes sure that the instance size as specified is at
least as big as a PCIDevice structure that the routine is filling out.

John Zulauf
Intel Corporation

== Views expressed reflect only those of the author, not his employer ==

Attachment: pci.patch
Description: pci.patch
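
The size check described in the message, as an added example that is not the attached pci.patch or ioemu's own code: a simplified registration routine that allocates a caller-supplied instance size and rejects sizes too small for the base structure it fills in. `BaseDevice`, `MyNic` and `register_device` are hypothetical names, and the structure layout is an assumption.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-in for a base device structure (hypothetical layout). */
typedef struct BaseDevice {
    unsigned char config[256];
    char name[64];
    int devfn;
    int irq_index;              /* written last, like the irq value in the report */
} BaseDevice;

static int next_irq_index;

/* Hypothetical registration routine. Callers pass the size of their own
 * structure, which must embed BaseDevice as its first member. */
BaseDevice *register_device(const char *name, size_t instance_size, int devfn)
{
    BaseDevice *dev;

    /* The check: refuse sizes smaller than the structure filled in below. */
    if (instance_size < sizeof(BaseDevice))
        return NULL;

    dev = calloc(1, instance_size);
    if (dev == NULL)
        return NULL;

    strncpy(dev->name, name, sizeof(dev->name) - 1);  /* calloc left the NUL */
    dev->devfn = devfn;
    /* Without the check, this store could land past a short allocation. */
    dev->irq_index = next_irq_index++;
    return dev;
}

/* Constructed sample: a derived device embedding the base structure. */
typedef struct MyNic {
    BaseDevice dev;
    unsigned char mac[6];
} MyNic;

int main(void)
{
    MyNic *nic = (MyNic *)register_device("nic", sizeof(MyNic), 0x18);
    BaseDevice *bad = register_device("bad", 16, 0x20);  /* too small */
    int ok = (nic != NULL && nic->dev.irq_index == 0 && bad == NULL);
    free(nic);
    return ok ? 0 : 1;
}
```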
