diff options
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/0002-fix-CVE-2016-7423.patch')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu/0002-fix-CVE-2016-7423.patch | 45 |
1 files changed, 0 insertions, 45 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/0002-fix-CVE-2016-7423.patch b/meta/recipes-devtools/qemu/qemu/0002-fix-CVE-2016-7423.patch deleted file mode 100644 index fdf58a3d65..0000000000 --- a/meta/recipes-devtools/qemu/qemu/0002-fix-CVE-2016-7423.patch +++ /dev/null @@ -1,45 +0,0 @@ -Upstream-Status: Backport - -Backport patch to fix CVE-2016-7423 from: - -http://git.qemu.org/?p=qemu.git;a=commit;h=670e56d3ed - -CVE: CVE-2016-7423 - -Signed-off-by: Kai Kang <kai.kang@windriver.com> ---- -From 670e56d3ed2918b3861d9216f2c0540d9e9ae0d5 Mon Sep 17 00:00:00 2001 -From: Li Qiang <liqiang6-s@360.cn> -Date: Mon, 12 Sep 2016 18:14:11 +0530 -Subject: [PATCH] scsi: mptsas: use g_new0 to allocate MPTSASRequest object - -When processing IO request in mptsas, it uses g_new to allocate -a 'req' object. If an error occurs before 'req->sreq' is -allocated, It could lead to an OOB write in mptsas_free_request -function. Use g_new0 to avoid it. - -Reported-by: Li Qiang <liqiang6-s@360.cn> -Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> -Message-Id: <1473684251-17476-1-git-send-email-ppandit@redhat.com> -Cc: qemu-stable@nongnu.org -Signed-off-by: Paolo Bonzini <pbonzini@redhat.com> ---- - hw/scsi/mptsas.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/scsi/mptsas.c b/hw/scsi/mptsas.c -index 0e0a22f..eaae1bb 100644 ---- a/hw/scsi/mptsas.c -+++ b/hw/scsi/mptsas.c -@@ -304,7 +304,7 @@ static int mptsas_process_scsi_io_request(MPTSASState *s, - goto bad; - } - -- req = g_new(MPTSASRequest, 1); -+ req = g_new0(MPTSASRequest, 1); - QTAILQ_INSERT_TAIL(&s->pending, req, next); - req->scsi_io = *scsi_io; - req->dev = s; --- -2.9.3 - |