HomeFreeBSD

bhyve: Fix a global buffer overread in the PCI hda device model.

Description

bhyve: Fix a global buffer overread in the PCI hda device model.

hda_write did not validate the relative register offset before using
it as an index into the hda_set_reg_table array to lookup a function
pointer to execute after updating the register's value.

PR: 264435
Reported by: Robert Morris <rtm@lcs.mit.edu>
Reviewed by: corvink, markj, emaste
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D38127

(cherry picked from commit bfe8e339eb77910c2eb739b45aaa936148b33897)

Details

Provenance
jhbAuthored on Jan 20 2023, 5:57 PM
Reviewer
corvink
Differential Revision
D38127: bhyve: Fix a global buffer overread in the PCI hda device model.
Parents
rG39177915279a: bhyve: Remove vmctx argument from PCI device model methods.
Branches
Unknown
Tags
Unknown