[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Xen-devel] Re: [Qemu-devel] qemu/pci: Unaligned config read/write overflow

  • To: qemu-devel@xxxxxxxxxx
  • From: "andrzej zaborowski" <balrog@xxxxxxxxx>
  • Date: Wed, 29 Nov 2006 14:51:24 +0000
  • Cc: Xen Development Mailing List <xen-devel@xxxxxxxxxxxxxxxxxxx>, Keir Fraser <keir@xxxxxxxxxxxxx>
  • Delivery-date: Thu, 30 Nov 2006 05:21:41 -0800
  • Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:sender:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references:x-google-sender-auth; b=ih02XzCfwdOMRVtb6o1aUZlVRRUhCmAJSRg7NUKp5nfxAaueZRggxWJJNkIThJ+biVgHiK0finy6ZCykSWjXG5VcwFUoPwkeWDwoZL71DAQr4sFw9zq4UGH4SbzZ7gHZdNcfjpNcbrUzp0niOzU+zfx7BKRjUWo/CAozUzIf87Q=
  • List-id: Xen developer discussion <xen-devel.lists.xensource.com>
Hi,

On 28/11/06, Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> wrote:

The default config read/write handlers allows a 4-byte read/write at
address 255.  This can clobber the field after the config area.  This
happens to be the PCIBus pointer in the PCIDevice structure.


An easier way to prevent the clobbering is grow PCIDevice::config by
three bytes.

Regards,
Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.