qemu/hw/virtio
Jason Wang 9e0f5b8108 virtio: validate the existence of handle_output before calling it
We don't validate the existence of handle_output which may let a buggy
guest trigger a SIGSEGV easily. E.g:

1) write 10 to queue_sel to a virtio net device with only 1 queue
2) setup an arbitrary pfn
3) then notify queue 10

Fixing this by validating the existence of handle_output before.

Cc: qemu-stable@nongnu.org
Cc: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Reviewed-by: Don Koch <dkoch@verizon.com>
Reviewed-by: Fam Zheng <famz@redhat.com>
2015-03-16 15:29:51 +01:00
..
dataplane virtio: add feature checking helpers 2015-02-26 13:04:07 +01:00
Makefile.objs dataplane: endianness-aware accesses 2015-02-16 15:07:16 +00:00
vhost-backend.c vhost: Remove superfluous '\n' around error_report() 2015-03-10 08:15:33 +03:00
vhost-user.c vhost-user: fix mmap offset calculation 2014-11-03 18:32:48 +02:00
vhost.c vhost: Fix vhostfd leak in error branch 2014-12-01 12:29:35 +00:00
virtio-balloon.c pci, pc, virtio fixes and cleanups 2015-03-09 09:14:28 +00:00
virtio-bus.c virtio: cull virtio_bus_set_vdev_features 2015-02-26 13:04:07 +01:00
virtio-mmio.c virtio: feature bit manipulation helpers 2015-02-26 13:04:07 +01:00
virtio-pci.c virtio-pci: Convert to realize() 2015-03-11 18:24:13 +01:00
virtio-pci.h virtio-pci: Convert to realize() 2015-03-11 18:24:13 +01:00
virtio-rng.c virtio-rng: fix check for period_ms validity 2015-01-05 14:02:47 +05:30
virtio.c virtio: validate the existence of handle_output before calling it 2015-03-16 15:29:51 +01:00