[Spice-devel] [PATCH] server/red_parse_qxl: disallow zero area bitmaps

Alon Levy alevy at redhat.com
Fri Jul 20 11:41:04 PDT 2012


On Fri, Jul 20, 2012 at 07:41:01PM +0300, Alon Levy wrote:
> prevents division by zero later (SIGFPE, Arithmetic exception) in
> spice-common code, at spice-common/common/canvas_base.c:646
> for both client and server (server only upon rendering).
> ---
>  server/red_parse_qxl.c |    4 ++++
>  1 file changed, 4 insertions(+)
> 
> diff --git a/server/red_parse_qxl.c b/server/red_parse_qxl.c
> index daae897..7de21e4 100644
> --- a/server/red_parse_qxl.c
> +++ b/server/red_parse_qxl.c
> @@ -371,6 +371,10 @@ static SpiceImage *red_get_image(RedMemSlotInfo *slots, int group_id,
>                            red->u.bitmap.format);
>              return NULL;
>          }
> +        if (qxl->bitmap.x == 0 && qxl->bitmap.y == 0) {

This should of course be ||

> +            spice_warning("guest error: zero area bitmap\n");
> +            return NULL;
> +        }
>          qxl_flags = qxl->bitmap.flags;
>          if (qxl_flags & QXL_BITMAP_TOP_DOWN) {
>              red->u.bitmap.flags = SPICE_BITMAP_FLAGS_TOP_DOWN;
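
Review bot: In the added condition `qxl->bitmap.x == 0 && qxl->bitmap.y == 0`, the `&&` rejects a bitmap only when both dimensions are zero. A bitmap with just x or just y equal to zero still has zero area, passes this check, and can reach the division the commit message describes. Use `||` so that either zero dimension returns NULL. It would also help to include the x and y values in the spice_warning text, so that a misbehaving guest driver is easier to trace from the log.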
> -- 
> 1.7.10.1