+-- On Wed, 31 Aug 2016, P J P wrote --+
|
| -if ((ri->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES)
| -|| (ri->cmpRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES)) {
| +if (!ri->reqRingNumPages
| +|| ri->reqRingNumPages > PVSCSI_SETUP_RINGS_MAX_NUM_PAGES
| +
From: Prasad J Pandit
Vmware Paravirtual SCSI emulation uses command descriptors to
process SCSI commands. These descriptors come with their ring
buffers. A guest could set the page count for these rings to
be zero, leading to an infinite loop. Add check to avoid it.
Reported-by: Tom Victor
Sig
