Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP3:Update
xen.14030
CVE-2018-17963-qemuu-net-ignore-packets-with-la...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2018-17963-qemuu-net-ignore-packets-with-large-size.patch of Package xen.14030
References: bsc#1111014 CVE-2018-17963 There should not be a reason for passing a packet size greater than INT_MAX. It's usually a hint of bug somewhere, so ignore packet size greater than INT_MAX in qemu_deliver_packet_iov() CC: address@hidden Reported-by: Daniel Shapira <address@hidden> Reviewed-by: Michael S. Tsirkin <address@hidden> Signed-off-by: Jason Wang <address@hidden> --- net/net.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) Index: xen-4.5.5-testing/tools/qemu-xen-dir-remote/net/net.c =================================================================== --- xen-4.5.5-testing.orig/tools/qemu-xen-dir-remote/net/net.c +++ xen-4.5.5-testing/tools/qemu-xen-dir-remote/net/net.c @@ -562,10 +562,15 @@ ssize_t qemu_deliver_packet_iov(NetClien void *opaque) { NetClientState *nc = opaque; + size_t size = iov_size(iov, iovcnt); int ret; + if (size > INT_MAX) { + return size; + } + if (nc->link_down) { - return iov_size(iov, iovcnt); + return size; } if (nc->receive_disabled) {
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor