rtl8139: avoid nested ifs in IP header parsing (CVE-2015-5165) - focaccia-qemu - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Stefan Hajnoczi <stefanha@redhat.com>	2015-07-15 17:13:32 +0100
committer	Stefan Hajnoczi <stefanha@redhat.com>	2015-08-03 13:06:59 +0100
commit	39b8e7dcaf04cbdb926b478f825b160d852752b5 (patch)
tree	61ad89a8348d673fb3dfdd1df0652ef728cbbcfd /scripts/qapi-commands.py
parent	cb48f67ad8c7b33c617d4f8144a27706e69fd688 (diff)
download	focaccia-qemu-39b8e7dcaf04cbdb926b478f825b160d852752b5.tar.gz focaccia-qemu-39b8e7dcaf04cbdb926b478f825b160d852752b5.zip

rtl8139: avoid nested ifs in IP header parsing (CVE-2015-5165)

Transmit offload needs to parse packet headers.  If header fields have
unexpected values the offload processing is skipped.

The code currently uses nested ifs because there is relatively little
input validation.  The next patches will add missing input validation
and a goto label is more appropriate to avoid deep if statement nesting.

Reported-by: 朱东海(启路) <donghai.zdh@alibaba-inc.com>
Reviewed-by: Jason Wang <jasowang@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

Diffstat (limited to 'scripts/qapi-commands.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: