Diffusion FreeBSD src repository 1282bf40f7b9

bhyve virtio-scsi: Avoid out of bounds accesses to guest requests.
1282bf40f7b9
Actions

Description

bhyve virtio-scsi: Avoid out of bounds accesses to guest requests.

Ignore I/O requests with insufficiently sized input or output buffers (those not containing compete request headers).

Ignore control requests with improperly sized buffers.

While here, explicitly zero the output header of an I/O request to avoid leaking malloc garbage from the host if the header is not fully populated.

PR: 264521
Reported by: Robert Morris <rtm@lcs.mit.edu>
Reviewed by: mav, emaste
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D36271

(cherry picked from commit bb31aee26bd13307d97c5d5bf2b10bf05bdc18fd)

Details

Provenance

jhb	Authored on Aug 29 2022, 10:36 PM

Reviewer

mav

Differential Revision

D36271: bhyve virtio-scsi: Avoid out of bounds accesses to guest requests.

Parents

rGffbe54c2175c: bhyve virtio-scsi: Tidy warning and debug prints.

Branches

Unknown

Tags

Unknown

Event Timeline

jhb committed rG1282bf40f7b9: bhyve virtio-scsi: Avoid out of bounds accesses to guest requests. (authored by jhb).Nov 11 2022, 1:13 AM

jhb added an edge: D36271: bhyve virtio-scsi: Avoid out of bounds accesses to guest requests..Nov 11 2022, 1:25 AM

Changes (1)

Path

Size

usr.sbin/

bhyve/

pci_virtio_scsi.c

rG1282bf40f7b9

View Options

usr.sbin/bhyve/pci_virtio_scsi.c