[Spice-commits] spice/stream-device.h
Frediano Ziglio
fziglio at kemper.freedesktop.org
Sat Mar 10 07:16:52 UTC 2018
spice/stream-device.h | 2 ++
1 file changed, 2 insertions(+)
New commits:
commit 235ac173495096730dff6fff16bea42790d4c703
Author: Frediano Ziglio <fziglio at redhat.com>
Date: Fri Feb 23 10:11:12 2018 +0000
stream-device: Specify how padding shoud be inside new structures
Depending on how structures are initialised in the code is
possible that implicit padding bytes are not initialised
causing possible information leaks as the entire structure
with all padding is sent through device/network.
Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
Acked-by: Christophe de Dinechin <dinechin at redhat.com>
diff --git a/spice/stream-device.h b/spice/stream-device.h
index 2e7c50e..b2f83b5 100644
--- a/spice/stream-device.h
+++ b/spice/stream-device.h
@@ -48,6 +48,8 @@
* containing integers up to 64 bit.
* All numbers are in little endian format.
*
+ * For security reasons structures should not contain implicit paddings.
+ *
* The protocol can be defined by these states:
* - Initial. Device just opened. Guest should wait
* for a message from the host;
More information about the Spice-commits
mailing list