qemu-ppc

[PATCH-for-5.0 0/2] hw/display/sm501: Avoid heap overflow in sm501_2d_op


From: Philippe Mathieu-Daudé
Subject: [PATCH-for-5.0 0/2] hw/display/sm501: Avoid heap overflow in sm501_2d_operation()
Date: Sat, 11 Apr 2020 11:14:51 +0200

I once set up a Bugzilla 'Component Watching' rule on 'QEMU + CVE',
and recently found a notification for BZ#1786026 about a heap
overflow in sm501_2d_operation():
https://bugzilla.redhat.com/show_bug.cgi?id=1786026
As this is from December I suppose there was some embargo that
recently expired. Apparently there is a CVE assigned but the
information about it is private.
I'm not sure the upstream community is already aware of this
problem, but since we are in hard freeze and the bug can easily
be avoided, I believe a 3-line patch is appropriate.

Philippe Mathieu-Daudé (2):
  hw/display/sm501: Avoid heap overflow in sm501_2d_operation()
  qtest: Test the Drawing Engine of the SM501 companion

 hw/display/sm501.c           |   6 ++
 tests/qtest/sm501-test.c     | 106 +++++++++++++++++++++++++++++++++++
 tests/qtest/Makefile.include |   2 +
 3 files changed, 114 insertions(+)
 create mode 100644 tests/qtest/sm501-test.c

-- 
2.21.1



