Branch: refs/heads/master
Home: https://github.com/qemu/qemu
Commit: 7cdc61becd095b64a786b2625f321624e7111f3d
https://github.com/qemu/qemu/commit/7cdc61becd095b64a786b2625f321624e7111f3d
Author: Gerd Hoffmann <kra...@redhat.com>
Date: 2018-03-12 (Mon, 12 Mar 2018)
Changed paths:
M hw/display/vga.c
Log Message:
-----------
vga: fix region calculation
Typically the scanline length and the line offset are identical. But
in case they are not our calculation for region_end is incorrect. Using
line_offset is fine for all scanlines, except the last one where we have
to use the actual scanline length.
Fixes: CVE-2018-7550
Reported-by: Ross Lagerwall <ross.lagerw...@citrix.com>
Signed-off-by: Gerd Hoffmann <kra...@redhat.com>
Reviewed-by: Prasad J Pandit <p...@fedoraproject.org>
Tested-by: Ross Lagerwall <ross.lagerw...@citrix.com>
Message-id: 20180309143704.13420-1-kra...@redhat.com
Commit: fb5fff15881ba7a002924b967eb211c002897983
https://github.com/qemu/qemu/commit/fb5fff15881ba7a002924b967eb211c002897983
Author: Peter Maydell <peter.mayd...@linaro.org>
Date: 2018-03-12 (Mon, 12 Mar 2018)
Changed paths:
M hw/display/vga.c
Log Message:
-----------
Merge remote-tracking branch 'remotes/kraxel/tags/vga-20180312-pull-request'
into staging
7cdc61becd vga: fix region calculation
# gpg: Signature made Mon 12 Mar 2018 10:59:24 GMT
# gpg: using RSA key 4CB6D8EED3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <kra...@redhat.com>"
# gpg: aka "Gerd Hoffmann <g...@kraxel.org>"
# gpg: aka "Gerd Hoffmann (private) <kra...@gmail.com>"
# Primary key fingerprint: A032 8CFF B93A 17A7 9901 FE7D 4CB6 D8EE D3E8 7138
* remotes/kraxel/tags/vga-20180312-pull-request:
vga: fix region calculation
Signed-off-by: Peter Maydell <peter.mayd...@linaro.org>
Compare: https://github.com/qemu/qemu/compare/6ceb1b51f05f...fb5fff15881b
