On 4/15/19 10:45 AM, Daniel P. Berrangé wrote: > Two previous attempts to fix this due to GCC 9 highlighting > unaligned data access. My attempt: > > https://lists.gnu.org/archive/html/qemu-devel/2019-03/msg07763.html > > And a previous one: > > https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg07923.html > https://lists.gnu.org/archive/html/qemu-devel/2019-03/msg00162.html > > There are a number of bugs in the USB MTP usb_mtp_write_metadata > method handling the filename character set conversion. > > The 2nd patch in this series is a security flaw fix since the > code was not correctly validating guest provided data length.
Given that this is a security flaw, I've added this series to https://wiki.qemu.org/Planning/4.0 in case you're hoping to get it in -rc4. -- Eric Blake, Principal Software Engineer Red Hat, Inc. +1-919-301-3226 Virtualization: qemu.org | libvirt.org
signature.asc
Description: OpenPGP digital signature
