From bde70caa0624bc2ca2de7a183b00e9c455ddd803 Mon Sep 17 00:00:00 2001 From: Efraim Flashner Date: Mon, 10 Oct 2016 22:29:43 +0300 Subject: gnu: qemu: Patch CVE-2016-857{6,7,8}. * gnu/packages/qemu.scm (qemu)[source]: Add patches. * gnu/packages/patches/qemu-CVE-2016-8576.patch, gnu/packages/patches/qemu-CVE-2016-8577.patch, gnu/packages/patches/qemu-CVE-2016-8578.patch: New files. * gnu/local.mk (dist_patch_DATA): Register them. --- gnu/packages/patches/qemu-CVE-2016-8577.patch | 36 +++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 gnu/packages/patches/qemu-CVE-2016-8577.patch (limited to 'gnu/packages/patches/qemu-CVE-2016-8577.patch') diff --git a/gnu/packages/patches/qemu-CVE-2016-8577.patch b/gnu/packages/patches/qemu-CVE-2016-8577.patch new file mode 100644 index 0000000000..c4132d2fb1 --- /dev/null +++ b/gnu/packages/patches/qemu-CVE-2016-8577.patch @@ -0,0 +1,36 @@ +Subject: [Qemu-devel] [PATCH] 9pfs: fix potential host memory leak in v9fs_read +From: Li Qiang + +In 9pfs read dispatch function, it doesn't free two QEMUIOVector +object thus causing potential memory leak. This patch avoid this. + +Signed-off-by: Li Qiang +--- + hw/9pfs/9p.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/hw/9pfs/9p.c b/hw/9pfs/9p.c +index 119ee58..543a791 100644 +--- a/hw/9pfs/9p.c ++++ b/hw/9pfs/9p.c +@@ -1826,14 +1826,15 @@ static void v9fs_read(void *opaque) + if (len < 0) { + /* IO error return the error */ + err = len; +- goto out; ++ goto out_free_iovec; + } + } while (count < max_count && len > 0); + err = pdu_marshal(pdu, offset, "d", count); + if (err < 0) { +- goto out; ++ goto out_free_iovec; + } + err += offset + count; ++out_free_iovec: + qemu_iovec_destroy(&qiov); + qemu_iovec_destroy(&qiov_full); + } else if (fidp->fid_type == P9_FID_XATTR) { +-- +1.8.3.1 + -- cgit v1.2.3