Hi,

This is the v2 of Prasad J Pandit's first version [*], with Paolo's review comment addressed.

This is a quick fix for CVE-2018-18438: "Integer overflow in ccid_card_vscard_read() allows memory corruption".

Please review,

Phil.

[*] https://lists.gnu.org/archive/html/qemu-devel/2018-10/msg02200.html

Philippe Mathieu-Daudé (9):
  ccid-card-passthru: Move assertion in read() to can_read()
  ccid-card-passthru: Replace never trigger if statement by an assertion
  ccid-card-passthru: Assert on a stricter expression
  ccid-card-passthru: Let the chardev::read() be more generic
  ccid-card-passthru: Replace assert() by QEMU_BUILD_BUG_ON()
  ccid-card-passthru: Simplify the if() condition
  ccid-card-passthru: Use QERR_MISSING_PARAMETER
  ccid-card-passthru: Use size_t to hold size argument
  ccid-card-passthru: Use size_t for index

 hw/usb/ccid-card-passthru.c | 73 +++++++++++++++++-------------------
 1 file changed, 34 insertions(+), 39 deletions(-)

--
2.20.1