hollalinux
/
linux-sg2042
mirror of https://github.com/sophgo/linux-riscv.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[S390] KVM: Read buffer overflow 

Check whether index is within bounds before testing the element.

Signed-off-by: Roel Kluin <roel.kluin@gmail.com>
Signed-off-by: Martin Schwidefsky <schwidefsky@de.ibm.com>
This commit is contained in:
Roel Kluin 2009-08-07 10:39:25 +02:00 committed by Martin Schwidefsky
parent 677c1dd706
commit 53cb780adb
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
arch/s390/kvm/sigp.c
View File

@ -169,7 +169,7 @@ static int __sigp_set_prefix(struct kvm_vcpu *vcpu, u16 cpu_addr, u32 address,
unsigned long *reg) unsigned long *reg)
{ {
struct kvm_s390_float_interrupt *fi = &vcpu->kvm->arch.float_int; struct kvm_s390_float_interrupt *fi = &vcpu->kvm->arch.float_int;
struct kvm_s390_local_interrupt *li; struct kvm_s390_local_interrupt *li = NULL;
struct kvm_s390_interrupt_info *inti; struct kvm_s390_interrupt_info *inti;
int rc; int rc;
u8 tmp; u8 tmp;
@ -189,9 +189,10 @@ static int __sigp_set_prefix(struct kvm_vcpu *vcpu, u16 cpu_addr, u32 address,
return 2; /* busy */ return 2; /* busy */
spin_lock(&fi->lock); spin_lock(&fi->lock);
li = fi->local_int[cpu_addr]; if (cpu_addr < KVM_MAX_VCPUS)
li = fi->local_int[cpu_addr];
if ((cpu_addr >= KVM_MAX_VCPUS) || (li == NULL)) { if (li == NULL) {
rc = 1; /* incorrect state */ rc = 1; /* incorrect state */
*reg &= SIGP_STAT_INCORRECT_STATE; *reg &= SIGP_STAT_INCORRECT_STATE;
kfree(inti); kfree(inti);