[Spice-devel] [PATCH spice-server] display-channel: Avoid potential crash from buggy guest driver
Snir Sheriber
ssheribe at redhat.com
Thu Jun 20 08:05:46 UTC 2019
Seems fine to me.
Ack
On 6/17/19 7:13 PM, Frediano Ziglio wrote:
> This fixes https://bugzilla.redhat.com/show_bug.cgi?id=1582137.
>
> Signed-off-by: Frediano Ziglio <fziglio at redhat.com>
> ---
> server/display-channel.c | 6 +++++-
> 1 file changed, 5 insertions(+), 1 deletion(-)
>
> diff --git a/server/display-channel.c b/server/display-channel.c
> index 071c01409..7ddd44c14 100644
> --- a/server/display-channel.c
> +++ b/server/display-channel.c
> @@ -2032,7 +2032,11 @@ void display_channel_update(DisplayChannel *display,
> SpiceRect rect;
> RedSurface *surface;
>
> - spice_return_if_fail(display_channel_validate_surface(display, surface_id));
> + // Check that the request is valid, the surface_id comes directly from the guest
> + if (!display_channel_validate_surface(display, surface_id)) {
> + // just return, display_channel_validate_surface already logged a warning
> + return;
> + }
>
> red_get_rect_ptr(&rect, area);
> display_channel_draw(display, &rect, surface_id);
More information about the Spice-devel
mailing list