qemu/0512-qxl-update_area_io-cleanup-invalid-parameters-handli.patch
Cole Robinson f375e62ad9 Update to qemu 1.2.2 stable
Fix libvirt + seccomp combo (bz #855162)
Fix scsi hotplug crash (bz #879657)
Fix QOM refcount crash (bz #881486)
2012-12-16 18:27:22 -05:00

49 lines
1.8 KiB
Diff

From eaea06c56ee6569bbd6864a6f767160a74c9c65d Mon Sep 17 00:00:00 2001
From: Michael Tokarev <mjt@tls.msk.ru>
Date: Wed, 19 Sep 2012 17:41:26 +0400
Subject: [PATCH] qxl/update_area_io: cleanup invalid parameters handling
This cleans up two additions of almost the same code in commits
511b13e2c9 and ccc2960d654. While at it, make error paths
consistent (always use 'break' instead of 'return').
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Cc: Dunrong Huang <riegamaths@gmail.com>
Cc: Alon Levy <alevy@redhat.com>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/qxl.c | 13 +++----------
1 file changed, 3 insertions(+), 10 deletions(-)
diff --git a/hw/qxl.c b/hw/qxl.c
index 1aac04b..6b9d5d0 100644
--- a/hw/qxl.c
+++ b/hw/qxl.c
@@ -1547,20 +1547,13 @@ async_common:
if (d->ram->update_surface > d->ssd.num_surfaces) {
qxl_set_guest_bug(d, "QXL_IO_UPDATE_AREA: invalid surface id %d\n",
d->ram->update_surface);
- return;
+ break;
}
- if (update.left >= update.right || update.top >= update.bottom) {
+ if (update.left >= update.right || update.top >= update.bottom ||
+ update.left < 0 || update.top < 0) {
qxl_set_guest_bug(d,
"QXL_IO_UPDATE_AREA: invalid area (%ux%u)x(%ux%u)\n",
update.left, update.top, update.right, update.bottom);
- return;
- }
-
- if (update.left < 0 || update.top < 0 || update.left >= update.right ||
- update.top >= update.bottom) {
- qxl_set_guest_bug(d, "QXL_IO_UPDATE_AREA: "
- "invalid area(%d,%d,%d,%d)\n", update.left,
- update.right, update.top, update.bottom);
break;
}
if (async == QXL_ASYNC) {
--
1.8.0.2