+-- On Thu, 11 Oct 2018, Philippe Mathieu-Daudé wrote --+
| I started this change and already converted 40 files.
Wow, that's super swift! :) Will wait for the patch V2 from you then.
Thank you.
--
Prasad J Pandit / Red Hat Product Security Team
47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
On 11/10/2018 14:29, P J P wrote:
> +-- On Thu, 11 Oct 2018, Philippe Mathieu-Daudé wrote --+
> | The IOReadHandler does not have documentation.
> |
> | typedef void IOReadHandler(void *opaque, const uint8_t *buf, int size);
> |
> | Why is the 'size' argument signed? Does it makes sens to call i
On 11/10/2018 14:29, P J P wrote:
> +-- On Thu, 11 Oct 2018, Philippe Mathieu-Daudé wrote --+
> | The IOReadHandler does not have documentation.
> |
> | typedef void IOReadHandler(void *opaque, const uint8_t *buf, int size);
> |
> | Why is the 'size' argument signed? Does it makes sens to call i
+-- On Thu, 11 Oct 2018, Philippe Mathieu-Daudé wrote --+
| The IOReadHandler does not have documentation.
|
| typedef void IOReadHandler(void *opaque, const uint8_t *buf, int size);
|
| Why is the 'size' argument signed? Does it makes sens to call it with a
| negative value?
No, it doesn't I
On 11/10/2018 13:58, Philippe Mathieu-Daudé wrote:
> Cc'ing Paolo & Marc-André.
>
> On 11/10/2018 13:24, P J P wrote:
>> From: Prasad J Pandit
>>
>> While reading virtual smart card data, if buffer 'size' is negative
>> it would lead to memory corruption errors. Add check to avoid it.
>
> The IO
Cc'ing Paolo & Marc-André.
On 11/10/2018 13:24, P J P wrote:
> From: Prasad J Pandit
>
> While reading virtual smart card data, if buffer 'size' is negative
> it would lead to memory corruption errors. Add check to avoid it.
The IOReadHandler does not have documentation.
typedef void IOReadHa
From: Prasad J Pandit
While reading virtual smart card data, if buffer 'size' is negative
it would lead to memory corruption errors. Add check to avoid it.
Reported-by: Arash TC
Signed-off-by: Prasad J Pandit
---
hw/usb/ccid-card-passthru.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/