diff options
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/CVE-2020-14415.patch')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu/CVE-2020-14415.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-14415.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-14415.patch new file mode 100644 index 0000000000..dca2f90a49 --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-14415.patch @@ -0,0 +1,37 @@ +From 7a4ede0047a8613b0e3b72c9d351038f013dd357 Mon Sep 17 00:00:00 2001 +From: Gerd Hoffmann <kraxel@redhat.com> +Date: Mon, 20 Jan 2020 11:18:04 +0100 +Subject: [PATCH] audio/oss: fix buffer pos calculation +MIME-Version: 1.0 +Content-Type: text/plain; charset=utf8 +Content-Transfer-Encoding: 8bit + +Fixes: 3ba4066d085f ("ossaudio: port to the new audio backend api") +Reported-by: ziming zhang <ezrakiez@gmail.com> +Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> +Message-Id: <20200120101804.29578-1-kraxel@redhat.com> +Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> + +Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=7a4ede0047a8613b0e3b72c9d351038f013dd357] +CVE: CVE-2020-14415 +Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com> +--- + audio/ossaudio.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/audio/ossaudio.c b/audio/ossaudio.c +index c43faee..9456491 100644 +--- a/audio/ossaudio.c ++++ b/audio/ossaudio.c +@@ -420,7 +420,7 @@ static size_t oss_write(HWVoiceOut *hw, void *buf, size_t len) + size_t to_copy = MIN(len, hw->size_emul - hw->pos_emul); + memcpy(hw->buf_emul + hw->pos_emul, buf, to_copy); + +- hw->pos_emul = (hw->pos_emul + to_copy) % hw->pos_emul; ++ hw->pos_emul = (hw->pos_emul + to_copy) % hw->size_emul; + buf += to_copy; + len -= to_copy; + } +-- +1.8.3.1 + |