]> xenbits.xensource.com Git - qemu-upstream-4.5-testing.git/commit
projects / qemu-upstream-4.5-testing.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6b0966a) | patch
xen/disk: don't leak stack data via response ring master
authorJan Beulich <jbeulich@suse.com>
Wed, 21 Jun 2017 15:44:17 +0000 (16:44 +0100)
committerAnthony PERARD <anthony.perard@citrix.com>
Wed, 21 Jun 2017 15:44:17 +0000 (16:44 +0100)
commit853d4dbe41ab40dfd289b93158afbb41ddcb4a54
treeec969576af8d487feba4b13bcf0e919cd65b0125tree
parent6b0966a4422a6374db0f250b181bb4276c9e7a10commit | diff
xen/disk: don't leak stack data via response ring

Rather than constructing a local structure instance on the stack, fill
the fields directly on the shared ring, just like other (Linux)
backends do. Build on the fact that all response structure flavors are
actually identical (the old code did make this assumption too).

This is XSA-216.

Reported-by: Anthony Perard <anthony.perard@citrix.com>
Signed-off-by: Jan Beulich <jbeulich@suse.com>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Acked-by: Anthony PERARD <anthony.perard@citrix.com>
hw/block/xen_blkif.h diff | blob | history
hw/block/xen_disk.c diff | blob | history
Obsolete Upstream Qemu based repository for xen-4.5-testing