[Spice-devel] [PATCH 8/8] Small comment on structure checking
Jonathon Jongsma
jjongsma at redhat.com
Thu Sep 22 08:32:32 UTC 2016
On Mon, 2016-09-19 at 09:30 +0100, Frediano Ziglio wrote:
> Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
> ---
> server/display-channel.c | 1 +
> 1 file changed, 1 insertion(+)
>
> diff --git a/server/display-channel.c b/server/display-channel.c
> index 108e69b..3290565 100644
> --- a/server/display-channel.c
> +++ b/server/display-channel.c
> @@ -1968,6 +1968,7 @@ void
> display_channel_process_surface_cmd(DisplayChannel *display,
> RedSurfaceCmd
> }
> data = surface->u.surface_create.data;
> if (stride < 0) {
> + /* no worry for overflow here, command is already
> validated */
> data -= (int32_t)(stride * (height - 1));
> }
> display_channel_create_surface(display, surface_id, surface-
> >u.surface_create.width,
Hmm, it doesn't look like the command has been validated in *this*
function.
More information about the Spice-devel
mailing list