On 20 January 2016 at 18:50, P J P <[email protected]> wrote: > From: Prasad J Pandit <[email protected]> > > While processing standard SD commands, the 'req.cmd' value could > lead to OOB read when used as an index into 'sd_cmd_type' or > 'sd_cmd_class' arrays. Limit 'req.cmd' value to avoid such an > access. > > Reported-by: Qinghao Tang <[email protected]> > Signed-off-by: Prasad J Pandit <[email protected]> > --- > hw/sd/sd.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > Update as per review: > -> https://lists.gnu.org/archive/html/qemu-devel/2016-01/msg03769.html
Reviewed-by: Peter Maydell <[email protected]> thanks -- PMM
