Re: [Qemu-devel] [PATCH] acpi: fix assert failure caused by commit 35c5a52d

Dan Williams Wed, 19 Oct 2016 08:59:45 -0700

On Wed, Oct 19, 2016 at 2:19 AM, Haozhong Zhang
<haozhong.zh...@intel.com> wrote:
> Commit 35c5a52d "acpi: do not use TARGET_PAGE_SIZE" changed struct
> NvdimmDsmIn from a variable-size structure to a fixed-size structure of
> 4096 bytes. It forgot to adjust an assert in
> nvdimm_dsm_set_label_data(..., NvdimmDsmIn *in, ...):
>     assert(sizeof(*in) + sizeof(*set_label_data) + set_label_data->length <=
>            4096);
> which could crash QEMU when guest writes NVDIMM labels.
>
> Fix it by replacing sizeof(*in) by offsetof(NvdimmDsmIn, arg3).
>
> Signed-off-by: Haozhong Zhang <haozhong.zh...@intel.com>
> Reported-by: Dan Williams <dan.j.willi...@intel.com>


Thanks!

Tested-by: Dan Williams <dan.j.willi...@intel.com>

Re: [Qemu-devel] [PATCH] acpi: fix assert failure caused by commit 35c5a52d

Reply via email to