[Spice-devel] [PATCH spice-protocol] stream-device: Specify how padding shoud be inside new structures
Frediano Ziglio
fziglio at redhat.com
Fri Feb 23 10:11:46 UTC 2018
Depending on how structures are initialised in the code is
possible that implicit padding bytes are not initialised
causing possible information leaks as the entire structure
with all padding is sent through device/network.
Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
---
spice/stream-device.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/spice/stream-device.h b/spice/stream-device.h
index 2e7c50e..b2f83b5 100644
--- a/spice/stream-device.h
+++ b/spice/stream-device.h
@@ -48,6 +48,8 @@
* containing integers up to 64 bit.
* All numbers are in little endian format.
*
+ * For security reasons structures should not contain implicit paddings.
+ *
* The protocol can be defined by these states:
* - Initial. Device just opened. Guest should wait
* for a message from the host;
--
2.14.3
More information about the Spice-devel
mailing list