[PATCH for-7.1 0/2] scsi-disk: fixes for block size crashes found by fuz

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH for-7.1 0/2] scsi-disk: fixes for block size crashes found by fuz

From:	Mark Cave-Ayland
Subject:	[PATCH for-7.1 0/2] scsi-disk: fixes for block size crashes found by fuzzer
Date:	Sat, 30 Jul 2022 13:26:54 +0100

These two patches fix a couple of issues which were found by the fuzzer as a
consequence of allowing the guest to change the SCSI block size in commit
356c4c441e ("scsi-disk: allow MODE SELECT block descriptor to set the block 
size").

Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>


Mark Cave-Ayland (2):
  scsi-disk: fix overflow when block size is not a multiple of
    BDRV_SECTOR_SIZE
  scsi-disk: ensure block size is non-zero and changes limited to bits
    8-15

 hw/scsi/scsi-disk.c | 25 ++++++++++++++++++-------
 1 file changed, 18 insertions(+), 7 deletions(-)

-- 
2.30.2

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH for-7.1 0/2] scsi-disk: fixes for block size crashes found by fuzzer, Mark Cave-Ayland <=
- [PATCH for-7.1 1/2] scsi-disk: fix overflow when block size is not a multiple of BDRV_SECTOR_SIZE, Mark Cave-Ayland, 2022/07/30
- [PATCH for-7.1 2/2] scsi-disk: ensure block size is non-zero and changes limited to bits 8-15, Mark Cave-Ayland, 2022/07/30

Prev by Date: [PATCH for-7.1 1/2] scsi-disk: fix overflow when block size is not a multiple of BDRV_SECTOR_SIZE
Next by Date: [PATCH for-7.1 2/2] scsi-disk: ensure block size is non-zero and changes limited to bits 8-15
Previous by thread: [PATCH v3 3/3] dump: use jobs framework for dump guest memory
Next by thread: [PATCH for-7.1 1/2] scsi-disk: fix overflow when block size is not a multiple of BDRV_SECTOR_SIZE
Index(es):
- Date
- Thread