Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
spice
CVE-2016-2150-improve-primary-surface-parameter...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2016-2150-improve-primary-surface-parameter-checks.patch of Package spice
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001 From: Frediano Ziglio <fziglio@redhat.com> Date: Mon, 29 Feb 2016 14:34:49 +0000 Subject: [PATCH] improve primary surface parameter checks Primary surface, as additional surfaces, can be used to access host memory from the guest using invalid parameters. Signed-off-by: Frediano Ziglio <fziglio@redhat.com> --- server/red_worker.c | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/server/red_worker.c b/server/red_worker.c index a7eaab9..f9179a6 100644 --- a/server/red_worker.c +++ b/server/red_worker.c @@ -11380,6 +11380,15 @@ static void dev_create_primary_surface(RedWorker *worker, uint32_t surface_id, spice_warn_if(((uint64_t)abs(surface.stride) * (uint64_t)surface.height) != abs(surface.stride) * surface.height); + /* surface can arrive from guest unchecked so make sure + * guest is not a malicious one and drop invalid requests + */ + if (!red_validate_surface(surface.width, surface.height, + surface.stride, surface.format)) { + spice_warning("wrong primary surface creation request"); + return; + } + line_0 = (uint8_t*)get_virt(&worker->mem_slots, surface.mem, surface.height * abs(surface.stride), surface.group_id, &error);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor