add the zeroinit block driver filter
[pve-qemu-kvm.git] / debian / patches / old / CVE-2015-8613-scsi-initialize-info-object.patch
blobee0f36d673508720c21753dd501515c39a73519e
1 From 5823b4a214ede884f4ba597fdd629862620e0f92 Mon Sep 17 00:00:00 2001
2 From: Prasad J Pandit <pjp@fedoraproject.org>
3 Date: Mon, 21 Dec 2015 14:48:18 +0530
4 Subject: [PATCH] scsi: initialise info object with appropriate size
6 While processing controller 'CTRL_GET_INFO' command, the routine
7 'megasas_ctrl_get_info' overflows the '&info' object size. Use its
8 appropriate size to null initialise it.
10 Reported-by: Qinghao Tang <luodalongde@gmail.com>
11 Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
12 ---
13 hw/scsi/megasas.c | 2 +-
14 1 file changed, 1 insertion(+), 1 deletion(-)
16 diff --git a/hw/scsi/megasas.c b/hw/scsi/megasas.c
17 index d7dc667..576f56c 100644
18 --- a/hw/scsi/megasas.c
19 +++ b/hw/scsi/megasas.c
20 @@ -718,7 +718,7 @@ static int megasas_ctrl_get_info(MegasasState *s, MegasasCmd *cmd)
21 BusChild *kid;
22 int num_pd_disks = 0;
24 - memset(&info, 0x0, cmd->iov_size);
25 + memset(&info, 0x0, dcmd_size);
26 if (cmd->iov_size < dcmd_size) {
27 trace_megasas_dcmd_invalid_xfer_len(cmd->index, cmd->iov_size,
28 dcmd_size);
29 --
30 2.4.3
31 ===