mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Revert "nvme: fix oob access issue(CVE-2018-16847)"

Browse Source 
This reverts commit 5e3c0220d7.
We have a better fix commited for this now.

Signed-off-by: Kevin Wolf <kwolf@redhat.com>
This commit is contained in:
Kevin Wolf 2018-11-22 15:52:20 +01:00
parent 87ad860c62
commit 2067d39e5e
1 changed files with 0 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
hw/block/nvme.c
View File

@ -1177,10 +1177,6 @@ static void nvme_cmb_write(void *opaque, hwaddr addr, uint64_t data,
unsigned size) unsigned size)
{ {
NvmeCtrl *n = (NvmeCtrl *)opaque; NvmeCtrl *n = (NvmeCtrl *)opaque;
if (addr + size > NVME_CMBSZ_GETSIZE(n->bar.cmbsz)) {
return;
}
memcpy(&n->cmbuf[addr], &data, size); memcpy(&n->cmbuf[addr], &data, size);
} }
@ -1189,9 +1185,6 @@ static uint64_t nvme_cmb_read(void *opaque, hwaddr addr, unsigned size)
uint64_t val; uint64_t val;
NvmeCtrl *n = (NvmeCtrl *)opaque; NvmeCtrl *n = (NvmeCtrl *)opaque;
if (addr + size > NVME_CMBSZ_GETSIZE(n->bar.cmbsz)) {
return 0;
}
memcpy(&val, &n->cmbuf[addr], size); memcpy(&val, &n->cmbuf[addr], size);
return val; return val;
} }