On 15.10.2014 12:10, Gerd Hoffmann wrote:

vmware-vga emulation lacks sanity checks in the hardware acceleration
(blit + fill) functions.  This patch series plugs the holes.

v2 changes:
  * small whitespace fixup.
  * do fullscreen update on invalid update requests.


Gerd Hoffmann (5):
   vmware-vga: CVE-2014-3689: turn off hw accel
   vmware-vga: add vmsvga_verify_rect
   vmware-vga: use vmsvga_verify_rect in vmsvga_update_rect
   vmware-vga: use vmsvga_verify_rect in vmsvga_copy_rect
   vmware-vga: use vmsvga_verify_rect in vmsvga_fill_rect

A small question.  Why do you first disable the hw accel for rect&fill
and re-enable them in subsequent patches, as if applying the real
fix patches takes very long time and during that time we need the
hole to be fixed?  Why not just to fix it for real without the temp
workarounds? :)



Reply via email to