On Mi, 2014-10-15 at 17:43 +0200, Michael Tokarev wrote: > On 15.10.2014 12:10, Gerd Hoffmann wrote: > > Hi, > > > > vmware-vga emulation lacks sanity checks in the hardware acceleration > > (blit + fill) functions. This patch series plugs the holes. > > > > v2 changes: > > * small whitespace fixup. > > * do fullscreen update on invalid update requests. > > > > cheers, > > Gerd > > > > Gerd Hoffmann (5): > > vmware-vga: CVE-2014-3689: turn off hw accel > > vmware-vga: add vmsvga_verify_rect > > vmware-vga: use vmsvga_verify_rect in vmsvga_update_rect > > vmware-vga: use vmsvga_verify_rect in vmsvga_copy_rect > > vmware-vga: use vmsvga_verify_rect in vmsvga_fill_rect > > A small question. Why do you first disable the hw accel for rect&fill > and re-enable them in subsequent patches, as if applying the real > fix patches takes very long time and during that time we need the > hole to be fixed?
That was just the order the patches where created. There isn't a real need for patch #1, but it didn't look important enough to me to bother fixing it up after the series was complete. cheers, Gerd
