OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity

gtk: avoid oob array access

Browse Source 
When too many consoles are created, vcs[] may be write out-of-bounds.

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Message-id: 20161207105511.25173-1-marcandre.lureau@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
This commit is contained in:
Marc-André Lureau 2016-12-07 13:55:11 +03:00 committed by Gerd Hoffmann
parent 6250dff39a
commit c952b71582
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
ui/gtk.c
View File

@ -1706,6 +1706,11 @@ static CharDriverState *gd_vc_handler(ChardevVC *vc, Error **errp)
ChardevCommon *common = qapi_ChardevVC_base(vc);
CharDriverState *chr;
if (nb_vcs == MAX_VCS) {
error_setg(errp, "Maximum number of consoles reached");
return NULL;
}
chr = qemu_chr_alloc(common, errp);
if (!chr) {
return NULL;