xen/CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch

References: bsc#958493 CVE-2015-8504

Index: xen-4.5.2-testing/tools/qemu-xen-traditional-dir-remote/vnc.c
===================================================================
--- xen-4.5.2-testing.orig/tools/qemu-xen-traditional-dir-remote/vnc.c
+++ xen-4.5.2-testing/tools/qemu-xen-traditional-dir-remote/vnc.c
@@ -1634,15 +1634,15 @@ static void set_pixel_format(VncState *v
     }
 
     vs->clientds = vs->serverds;
-    vs->clientds.pf.rmax = red_max;
+    vs->clientds.pf.rmax = red_max ? red_max : 0xFF;
     count_bits(vs->clientds.pf.rbits, red_max);
     vs->clientds.pf.rshift = red_shift;
     vs->clientds.pf.rmask = red_max << red_shift;
-    vs->clientds.pf.gmax = green_max;
+    vs->clientds.pf.gmax = green_max ? green_max : 0xFF;
     count_bits(vs->clientds.pf.gbits, green_max);
     vs->clientds.pf.gshift = green_shift;
     vs->clientds.pf.gmask = green_max << green_shift;
-    vs->clientds.pf.bmax = blue_max;
+    vs->clientds.pf.bmax = blue_max ? blue_max : 0xFF;
     count_bits(vs->clientds.pf.bbits, blue_max);
     vs->clientds.pf.bshift = blue_shift;
     vs->clientds.pf.bmask = blue_max << blue_shift;
- bsc#960093 - VUL-0: CVE-2015-8615: xen: x86: unintentional logging upon guest changing callback method (XSA-169) 5677f350-x86-make-debug-output-consistent-in-hvm_set_callback_via.patch - bsc#959387 - VUL-0: CVE-2015-8568 CVE-2015-8567: xen: qemu: net: vmxnet3: host memory leakage CVE-2015-8568-qemuu-net-vmxnet3-avoid-memory-leakage-in-activate_device.patch - bsc#957988 - VUL-0: CVE-2015-8550: xen: paravirtualized drivers incautious about shared memory contents (XSA-155) xsa155-xen-0001-xen-Add-RING_COPY_REQUEST.patch xsa155-xen-0002-blktap2-Use-RING_COPY_REQUEST.patch xsa155-xen-0003-libvchan-Read-prod-cons-only-once.patch xsa155-qemuu-qdisk-double-access.patch xsa155-qemut-qdisk-double-access.patch xsa155-qemuu-xenfb.patch xsa155-qemut-xenfb.patch - bsc#959006 - VUL-0: CVE-2015-8558: xen: qemu: usb: infinite loop in ehci_advance_state results in DoS CVE-2015-8558-qemuu-usb-infinite-loop-in-ehci_advance_state-results-in-DoS.patch - bsc#958918 - VUL-0: CVE-2015-7549: xen: qemu pci: null pointer dereference issue CVE-2015-7549-qemuu-pci-null-pointer-dereference-issue.patch - bsc#958493 - VUL-0: CVE-2015-8504: xen: qemu: ui: vnc: avoid floating point exception CVE-2015-8504-qemuu-vnc-avoid-floating-point-exception.patch CVE-2015-8504-qemut-vnc-avoid-floating-point-exception.patch - bsc#958007 - VUL-0: CVE-2015-8554: xen: qemu-dm buffer overrun in MSI-X handling (XSA-164) xsa164.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/xen?expand=0&rev=393 2016-01-04 22:25:00 +00:00			`References: bsc#958493 CVE-2015-8504`

			`Index: xen-4.5.2-testing/tools/qemu-xen-traditional-dir-remote/vnc.c`
			`===================================================================`
			`--- xen-4.5.2-testing.orig/tools/qemu-xen-traditional-dir-remote/vnc.c`
			`+++ xen-4.5.2-testing/tools/qemu-xen-traditional-dir-remote/vnc.c`
			`@@ -1634,15 +1634,15 @@ static void set_pixel_format(VncState *v`
			`}`

			`vs->clientds = vs->serverds;`
			`- vs->clientds.pf.rmax = red_max;`
			`+ vs->clientds.pf.rmax = red_max ? red_max : 0xFF;`
			`count_bits(vs->clientds.pf.rbits, red_max);`
			`vs->clientds.pf.rshift = red_shift;`
			`vs->clientds.pf.rmask = red_max << red_shift;`
			`- vs->clientds.pf.gmax = green_max;`
			`+ vs->clientds.pf.gmax = green_max ? green_max : 0xFF;`
			`count_bits(vs->clientds.pf.gbits, green_max);`
			`vs->clientds.pf.gshift = green_shift;`
			`vs->clientds.pf.gmask = green_max << green_shift;`
			`- vs->clientds.pf.bmax = blue_max;`
			`+ vs->clientds.pf.bmax = blue_max ? blue_max : 0xFF;`
			`count_bits(vs->clientds.pf.bbits, blue_max);`
			`vs->clientds.pf.bshift = blue_shift;`
			`vs->clientds.pf.bmask = blue_max << blue_shift;`