Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP2:GA
xen.5854
CVE-2017-10806-qemuu-usb-redirect-stack-buffer-...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2017-10806-qemuu-usb-redirect-stack-buffer-overflow-in-debug-logging.patch of Package xen.5854
References: bsc#1047675 CVE-2017-10806 Subject: usb-redir: fix stack overflow in usbredir_log_data From: Gerd Hoffmann kraxel@redhat.com Tue May 9 13:01:28 2017 +0200 Date: Fri May 12 12:26:40 2017 +0200: Git: bd4a683505b27adc1ac809f71e918e58573d851d Don't reinvent a broken wheel, just use the hexdump function we have. Impact: low, broken code doesn't run unless you have debug logging enabled. Reported-by: 李强 <liqiang6-s@360.cn> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Message-id: 20170509110128.27261-1-kraxel@redhat.com Index: xen-4.4.4-testing/tools/qemu-xen-dir-remote/hw/usb/redirect.c =================================================================== --- xen-4.4.4-testing.orig/tools/qemu-xen-dir-remote/hw/usb/redirect.c +++ xen-4.4.4-testing/tools/qemu-xen-dir-remote/hw/usb/redirect.c @@ -216,21 +216,10 @@ static void usbredir_log(void *priv, int static void usbredir_log_data(USBRedirDevice *dev, const char *desc, const uint8_t *data, int len) { - int i, j, n; - if (dev->debug < usbredirparser_debug_data) { return; } - - for (i = 0; i < len; i += j) { - char buf[128]; - - n = sprintf(buf, "%s", desc); - for (j = 0; j < 8 && i + j < len; j++) { - n += sprintf(buf + n, " %02X", data[i + j]); - } - error_report("%s", buf); - } + qemu_hexdump((char *)data, stderr, desc, len); } /*
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor