On Thu, 7 Apr 2022 at 15:50, Michael S. Tsirkin wrote:
>
> On Thu, Apr 07, 2022 at 11:03:16AM +0100, Peter Maydell wrote:
> > On Thu, 7 Apr 2022 at 10:52, Michael S. Tsirkin wrote:
> > >
> > > From: Wentao Liang
> > >
> > > A potential Use-after-free was reported in virtio_iommu_handle_command
>
On Thu, Apr 07, 2022 at 11:03:16AM +0100, Peter Maydell wrote:
> On Thu, 7 Apr 2022 at 10:52, Michael S. Tsirkin wrote:
> >
> > From: Wentao Liang
> >
> > A potential Use-after-free was reported in virtio_iommu_handle_command
> > when using virtio-iommu:
> >
> > > I find a potential Use-after-fre
On Thu, 7 Apr 2022 at 10:52, Michael S. Tsirkin wrote:
>
> From: Wentao Liang
>
> A potential Use-after-free was reported in virtio_iommu_handle_command
> when using virtio-iommu:
>
> > I find a potential Use-after-free in QEMU 6.2.0, which is in
> > virtio_iommu_handle_command() (./hw/virtio/vir
From: Wentao Liang

A potential Use-after-free was reported in virtio_iommu_handle_command
when using virtio-iommu:

> I find a potential Use-after-free in QEMU 6.2.0, which is in
> virtio_iommu_handle_command() (./hw/virtio/virtio-iommu.c).
>
>
> Specifically, in the loop body, the variable 'buf'