]> xenbits.xensource.com Git - qemu-upstream-4.6-testing.git/commit
projects / qemu-upstream-4.6-testing.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 44f3d4e) | patch
xen/disk: don't leak stack data via response ring
authorJan Beulich <jbeulich@suse.com>
Wed, 21 Jun 2017 15:43:09 +0000 (16:43 +0100)
committerAnthony PERARD <anthony.perard@citrix.com>
Wed, 21 Jun 2017 15:43:09 +0000 (16:43 +0100)
commit4e35ab1edd74b7d24b7a4aaebe75fe68222a2f2b
tree9f7ac893b545373aa86e297f56c58eefa9d01ccctree
parent44f3d4e6448e37588248db784193b7a047add65acommit | diff
xen/disk: don't leak stack data via response ring

Rather than constructing a local structure instance on the stack, fill
the fields directly on the shared ring, just like other (Linux)
backends do. Build on the fact that all response structure flavors are
actually identical (the old code did make this assumption too).

This is XSA-216.

Reported-by: Anthony Perard <anthony.perard@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
hw/block/xen_blkif.h diff | blob | history
hw/block/xen_disk.c diff | blob | history
Obsolete Upstream Qemu based repository for xen-4.6-testing