Re: [Qemu-devel] [PATCH v2] sd: limit 'req.cmd' while using as an array index

On 20 January 2016 at 18:50, P J P wrote: > From: Prasad J Pandit > > While processing standard SD commands, the 'req.cmd' value could > lead to OOB read when used as an index into 'sd_cmd_type' or > 'sd_cmd_class' arrays. Limit 'req.cmd' value to avoid such an > access. > > Reported-by: Qinghao

Re: [Qemu-devel] [PATCH v2] sd: limit 'req.cmd' while using as an array index

On 20 January 2016 at 18:50, P J P wrote: > From: Prasad J Pandit > > While processing standard SD commands, the 'req.cmd' value could > lead to OOB read when used as an index into 'sd_cmd_type' or > 'sd_cmd_class' arrays. Limit 'req.cmd' value to avoid such an > access. > > Reported-by: Qinghao

[Qemu-devel] [PATCH v2] sd: limit 'req.cmd' while using as an array index

From: Prasad J Pandit While processing standard SD commands, the 'req.cmd' value could lead to OOB read when used as an index into 'sd_cmd_type' or 'sd_cmd_class' arrays. Limit 'req.cmd' value to avoid such an access. Reported-by: Qinghao Tang Signed-off-by: Prasad J Pandit --- hw/sd/sd.c | 7