As the 'pkt_length' and 'offlen' can be malicious from guest, the vrend_create_shader function has an integer overflow, this will make the next 'memcpy' oob access. This patch avoid this. Signed-off-by: Li Qiang <liq3ea@gmail.com> Signed-off-by: Dave Airlie <airlied@redhat.com>macos/master
parent
a2f12a1b0f
commit
93761787b2
Loading…
Reference in new issue