On 01/28/13 12:49, Igor Mammedov wrote:
> Stack corruption may occur if too big 'level' or 'xlevel' values are passed
> on the command line with KVM enabled, due to the limited size of cpuid_data
> in kvm_arch_init_vcpu().
>
> reproduces with:
> qemu -enable-kvm -cpu qemu64,level=4294967295
> or
> qemu -enable-kvm -cpu qemu64,xlevel=4294967295
>
> Check if there is space in cpuid_data before passing it to cpu_x86_cpuid()
> or abort() if there is no space.
>
> Signed-off-by: Igor Mammedov <[email protected]>
> ---
> * v2:
> * use macro instead of const int max_cpuid_entries to fix build breakage
> in C99 mode. Suggested-By: Laszlo Ersek <[email protected]>
> * compare with array index instead of address of the last element
> Suggested-By: Marcelo Tosatti <[email protected]>
>
> ---
> target-i386/kvm.c | 25 ++++++++++++++++++++++++-
> 1 files changed, 24 insertions(+), 1 deletions(-)
Reviewed-by: Laszlo Ersek <[email protected]>
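For readers following the thread, the following is an added illustration of the bounds-check pattern the patch describes (check the array index against the capacity before handing an entry to the CPUID filler, and fail rather than write past the end). It is not QEMU's code: the structure names, the capacity of 8 entries, the fake_cpuid() stand-in for cpu_x86_cpuid() and the -1 return in place of abort() are all constructed here to make the bound visible.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed capacity (assumption, kept small so the bound is easy to see).
 * The real cpuid_data in kvm_arch_init_vcpu() is much larger, but equally
 * fixed in size, which is what made a huge 'level' overflow it. */
#define MAX_CPUID_ENTRIES 8

struct cpuid_entry {
    uint32_t function;
    uint32_t eax, ebx, ecx, edx;
};

/* Fixed-capacity table, standing in for the on-stack cpuid_data buffer. */
struct cpuid_table {
    uint32_t nent;
    struct cpuid_entry entries[MAX_CPUID_ENTRIES];
};

/* Stand-in for cpu_x86_cpuid(): fills one entry with deterministic values
 * so the example runs on any host. */
static void fake_cpuid(uint32_t function, struct cpuid_entry *e)
{
    e->function = function;
    e->eax = function * 0x10u + 1u;
    e->ebx = function * 0x10u + 2u;
    e->ecx = function * 0x10u + 3u;
    e->edx = function * 0x10u + 4u;
}

/* Fill entries for leaves 0..level. The index check happens BEFORE the
 * write, so an oversized 'level' can never run past the array. The patch
 * calls abort() at this point; here we return -1 so it can be tested. */
static int fill_cpuid_table(struct cpuid_table *t, uint32_t level)
{
    uint32_t i;

    memset(t, 0, sizeof(*t));
    for (i = 0; i <= level; i++) {
        if (t->nent >= MAX_CPUID_ENTRIES) {
            return -1;              /* no space left: refuse, do not overflow */
        }
        fake_cpuid(i, &t->entries[t->nent]);
        t->nent++;
        if (i == UINT32_MAX) {
            break;                  /* guard the loop counter against wraparound */
        }
    }
    return 0;
}

/* Convenience wrapper: number of entries filled, or -1 if 'level' did not fit. */
static int try_level(uint32_t level)
{
    struct cpuid_table t;

    if (fill_cpuid_table(&t, level) != 0) {
        return -1;
    }
    return (int)t.nent;
}

int main(void)
{
    printf("level=3          -> %d entries\n", try_level(3));
    printf("level=7          -> %d entries\n", try_level(7));
    printf("level=8          -> %d (rejected)\n", try_level(8));
    printf("level=4294967295 -> %d (rejected)\n", try_level(4294967295u));
    return 0;
}
```

The point of comparing the index (t->nent) against the element count rather than comparing addresses is that the check stays correct regardless of the entry size and cannot be defeated by pointer wraparound; the rejection for level=4294967295 is what the patch's abort() provides in QEMU.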
