rpms/qemu
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
cd9d161514
qemu/0209-ide-Fix-off-by-one-error-in-array-index-check.patch
Cole Robinson cd9d161514 CVE-2012-2652: Possible symlink attacks with -snapshot (bz 825697, bz 824919) 
Fix systemtap tapsets (bz 831763)
Fix qmp response race caused by spice server bug (bz 744015)
Fix text mode screendumps (bz 819155)
Don't renable ksm on update (bz 815156)
Fix RPM install error on non-virt machines (bz 660629)
Obsolete openbios to fix upgrade dependency issues (bz 694802)
2012-07-29 21:15:19 -04:00

35 lines
1.1 KiB
Diff
Raw Blame History

From 99f6b4ed1c345b144b0f052974cb470036418020 Mon Sep 17 00:00:00 2001
From: Kevin Wolf <kwolf@redhat.com>
Date: Wed, 26 Oct 2011 11:52:47 +0200
Subject: [PATCH] ide: Fix off-by-one error in array index check
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit fb60105d4942a26f571b1be92a8b9e7528d0c4d8)
Signed-off-by: Bruce Rogers <brogers@suse.com>
Signed-off-by: Andreas Färber <afaerber@suse.de>
---
hw/ide/core.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/ide/core.c b/hw/ide/core.c
index d145b19..9bc446e 100644
--- a/hw/ide/core.c
+++ b/hw/ide/core.c
@@ -1933,7 +1933,7 @@ static int ide_drive_pio_post_load(void *opaque, int version_id)
{
IDEState *s = opaque;
- if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) {
+ if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
return -EINVAL;
}
s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
--
1.7.11.2
Reference in New Issue View Git Blame Copy Permalink