]> xenbits.xensource.com Git - qemu-upstream-unstable.git/commit
projects / qemu-upstream-unstable.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 00d7510) | patch
net: add checks to validate ring buffer pointers(CVE-2015-5279)
authorP J P <pjp@fedoraproject.org>
Tue, 15 Sep 2015 11:10:49 +0000 (16:40 +0530)
committerStefano Stabellini <stefano.stabellini@eu.citrix.com>
Tue, 15 Sep 2015 13:43:24 +0000 (13:43 +0000)
commit25d01b6912a6ed09fc0479791f2920e196dc1ab7
tree6fb4002b3f2d0f56437c8d746edd2bf8facd1795tree
parent00d751038d501ab40298ebe972addfcf4ea0c54bcommit | diff
net: add checks to validate ring buffer pointers(CVE-2015-5279)

Ne2000 NIC uses ring buffer of NE2000_MEM_SIZE(49152)
bytes to process network packets. While receiving packets
via ne2000_receive() routine, a local 'index' variable
could exceed the ring buffer size, which could lead to a
memory buffer overflow. Added other checks at initialisation.

upstream-commit-id: 9bbdbc66e5765068dce76e9269dce4547afd8ad4

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: P J P <pjp@fedoraproject.org>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
hw/net/ne2000.c diff | blob | blame | history
Obsolete Upstream Qemu based repository for xen-unstable