d7cf6350b8
Include latest security fixes. Also fix support statements. Also adjust to recent libvdeplug-devel package name change. OBS-URL: https://build.opensuse.org/request/show/512570 OBS-URL: https://build.opensuse.org/package/show/Virtualization/qemu?expand=0&rev=350
51 lines
1.5 KiB
Diff
51 lines
1.5 KiB
Diff
From 416a6f3bf137b8e6782dd7c1f9563afe8ee97b19 Mon Sep 17 00:00:00 2001
|
|
From: Gerd Hoffmann <kraxel@redhat.com>
|
|
Date: Tue, 9 May 2017 13:01:28 +0200
|
|
Subject: [PATCH] usb-redir: fix stack overflow in usbredir_log_data
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Don't reinvent a broken wheel, just use the hexdump function we have.
|
|
|
|
Impact: low, broken code doesn't run unless you have debug logging
|
|
enabled.
|
|
|
|
Reported-by: 李强 <liqiang6-s@360.cn>
|
|
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Message-id: 20170509110128.27261-1-kraxel@redhat.com
|
|
(cherry picked from commit bd4a683505b27adc1ac809f71e918e58573d851d)
|
|
[BR: BSC#1047674 CVE-2017-10806]
|
|
Signed-off-by: Bruce Rogers <brogers@suse.com>
|
|
---
|
|
hw/usb/redirect.c | 13 +------------
|
|
1 file changed, 1 insertion(+), 12 deletions(-)
|
|
|
|
diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
|
|
index 0efe62f725..eb70dc7218 100644
|
|
--- a/hw/usb/redirect.c
|
|
+++ b/hw/usb/redirect.c
|
|
@@ -229,21 +229,10 @@ static void usbredir_log(void *priv, int level, const char *msg)
|
|
static void usbredir_log_data(USBRedirDevice *dev, const char *desc,
|
|
const uint8_t *data, int len)
|
|
{
|
|
- int i, j, n;
|
|
-
|
|
if (dev->debug < usbredirparser_debug_data) {
|
|
return;
|
|
}
|
|
-
|
|
- for (i = 0; i < len; i += j) {
|
|
- char buf[128];
|
|
-
|
|
- n = sprintf(buf, "%s", desc);
|
|
- for (j = 0; j < 8 && i + j < len; j++) {
|
|
- n += sprintf(buf + n, " %02X", data[i + j]);
|
|
- }
|
|
- error_report("%s", buf);
|
|
- }
|
|
+ qemu_hexdump((char *)data, stderr, desc, len);
|
|
}
|
|
|
|
/*
|