qemu-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH v5 0/7] net/eth: Fix stack-buffer-overflow in _eth_get_rss_ex_dst

From: Philippe Mathieu-Daudé
Subject: [PATCH v5 0/7] net/eth: Fix stack-buffer-overflow in _eth_get_rss_ex_dst_addr()
Date: Wed, 10 Mar 2021 17:01:28 +0100 
I had a look at the patch from Miroslav trying to silence a
compiler warning which in fact is a nasty bug. Here is a fix.
https://www.mail-archive.com/qemu-devel@nongnu.org/msg772735.html

Since v4:
- reworked again, tested it with Fedora Raw Hide

Philippe Mathieu-Daudé (7):
  net/eth: Simplify _eth_get_rss_ex_dst_addr()
  net/eth: Better describe _eth_get_rss_ex_dst_addr's offset argument
  net/eth: Make ip6_ext_hdr *ext_hdr pointer to const
  net/eth: Check the size earlier
  net/eth: Check iovec has enough data earlier
  net/eth: Read ip6_ext_hdr_routing buffer before accessing it
  net/eth: Add an assert() and invert if() statement to simplify code

 net/eth.c                      | 48 +++++++++++++++---------------
 tests/qtest/fuzz-e1000e-test.c | 53 ++++++++++++++++++++++++++++++++++
 MAINTAINERS                    |  1 +
 tests/qtest/meson.build        |  1 +
 4 files changed, 79 insertions(+), 24 deletions(-)
 create mode 100644 tests/qtest/fuzz-e1000e-test.c

-- 
2.26.2
reply via email to
[Prev in Thread] Current Thread [Next in Thread]