CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

]> CyberLeo.Net >> Repos - FreeBSD/FreeBSD.git/commit

projects / FreeBSD / FreeBSD.git / commit

author	Gordon Tetlow <gordon@FreeBSD.org>
	Tue, 4 Dec 2018 18:31:21 +0000 (18:31 +0000)
committer	Gordon Tetlow <gordon@FreeBSD.org>
	Tue, 4 Dec 2018 18:31:21 +0000 (18:31 +0000)
commit	5ddbe733d3809bd5bfc606f4934f2f4dbd2b090d
tree	9eff249816d6b2425c9e963cd8433bdc33745b55	tree \| snapshot
parent	b6186e4a0e13f745e6f0518b9cdeed71e5c379b3	commit \| diff

MFC r341484

Always treat firmware request and response sizes as unsigned.

This fixes an incomplete bounds check on the guest-supplied request
size where a very large request size could be interpreted as a negative
value and not be caught by the bounds check.

Submitted by: jhb
Reported by:  Reno Robert
Approved by:  so
Security:     FreeBSD-SA-18:14.bhyve
Security:     CVE-2018-17160

usr.sbin/bhyve/fwctl.c

diff | blob | history

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom