Re: [PATCH] 9pfs: fix crash on 'Treaddir' request

2024-11-05 Thread Christian Schoenebeck
On Tuesday, November 5, 2024 1:13:14 PM CET Greg Kurz wrote: > On Tue, 5 Nov 2024 11:25:26 +0100 > Christian Schoenebeck wrote: > > > A bad (broken or malicious) 9p client (guest) could cause QEMU host to > > crash by sending a 9p 'Treaddir' request with a numeric file ID (FID) that > > was previ

Re: [PATCH] 9pfs: fix crash on 'Treaddir' request

2024-11-05 Thread Greg Kurz
On Tue, 5 Nov 2024 11:25:26 +0100 Christian Schoenebeck wrote: > A bad (broken or malicious) 9p client (guest) could cause QEMU host to > crash by sending a 9p 'Treaddir' request with a numeric file ID (FID) that > was previously opened for a file instead of an expected directory: > > #0 0x00

[PATCH] 9pfs: fix crash on 'Treaddir' request

2024-11-05 Thread Christian Schoenebeck via
A bad (broken or malicious) 9p client (guest) could cause QEMU host to crash by sending a 9p 'Treaddir' request with a numeric file ID (FID) that was previously opened for a file instead of an expected directory: #0 0x762aff8f4919 in __GI___rewinddir (dirp=0xf) at ../sysdeps/unix/sysv/l