[Spice-devel] [PATCH v2 2/3] server/red_parse_qxl: disallow zero area bitmaps
Alon Levy
alevy at redhat.com
Sun Jul 22 01:39:22 PDT 2012
prevents division by zero later (SIGFPE, Arithmetic exception) in
spice-common code, at spice-common/common/canvas_base.c:646
for both client and server (server only upon rendering).
---
server/red_parse_qxl.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/server/red_parse_qxl.c b/server/red_parse_qxl.c
index daae897..00cc534 100644
--- a/server/red_parse_qxl.c
+++ b/server/red_parse_qxl.c
@@ -371,6 +371,10 @@ static SpiceImage *red_get_image(RedMemSlotInfo *slots, int group_id,
red->u.bitmap.format);
return NULL;
}
+ if (qxl->bitmap.x == 0 || qxl->bitmap.y == 0) {
+ spice_warning("guest error: zero area bitmap\n");
+ return NULL;
+ }
qxl_flags = qxl->bitmap.flags;
if (qxl_flags & QXL_BITMAP_TOP_DOWN) {
red->u.bitmap.flags = SPICE_BITMAP_FLAGS_TOP_DOWN;
--
1.7.10.1
More information about the Spice-devel
mailing list