Currently what problem do you have? Perhaps I could provide more support. And please give this vulnerability a cve id. Thanks!
2015-11-04 11:31 GMT+08:00 Jason Wang <jasow...@redhat.com>: > > > On 11/04/2015 02:49 AM, P J P wrote: > > +-- On Tue, 20 Oct 2015, Jason Wang wrote --+ > > | Can this survive if we had a chain like? > > | A->B->A > > > > No, current patch wouldn't cope with it. Though I wonder if such a > loop is > > possible? > > Just wondering. > > Tx.link is unit32_t, but any chance s->cu_base + s->cu_offset can result > a integer overflow? > > > > > | If not, looks like we need to limit the maximum number of commands in a > > | chain? (e.g 256) > > > > Okay, I'll update the patch. > > > > @max, @Qinghao: did you have chance to test the current patch? (just > checking) > > > > > > Thank you. > > -- > > - P J P > > 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F > > > >