hw/net: Fix a heap overflow in xlnx.xps-ethernetlite - focaccia-qemu - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	chaojianhu <chaojianhu@hotmail.com>	2016-08-09 11:52:54 +0800
committer	Jason Wang <jasowang@redhat.com>	2016-08-09 15:27:18 +0800
commit	a0d1cbdacff5df4ded16b753b38fdd9da6092968 (patch)
tree	6b8917d16c174baeb34e5dd8ceec838cdaf2dca2 /scripts/signrom.py
parent	6c352ca9b4ee3e1e286ea9e8434bd8e69ac7d0d8 (diff)
download	focaccia-qemu-a0d1cbdacff5df4ded16b753b38fdd9da6092968.tar.gz focaccia-qemu-a0d1cbdacff5df4ded16b753b38fdd9da6092968.zip

hw/net: Fix a heap overflow in xlnx.xps-ethernetlite

The .receive callback of xlnx.xps-ethernetlite doesn't check the length
of data before calling memcpy. As a result, the NetClientState object in
heap will be overflowed. All versions of qemu with xlnx.xps-ethernetlite
will be affected.

Reported-by: chaojianhu <chaojianhu@hotmail.com>
Signed-off-by: chaojianhu <chaojianhu@hotmail.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>

Diffstat (limited to 'scripts/signrom.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: