From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([208.118.235.92]:59462)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eblake@redhat.com>) id 1UVfww-0007qY-Na
	for qemu-devel@nongnu.org; Fri, 26 Apr 2013 06:32:23 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <eblake@redhat.com>) id 1UVfws-0001z4-4j
	for qemu-devel@nongnu.org; Fri, 26 Apr 2013 06:32:18 -0400
Received: from mx1.redhat.com ([209.132.183.28]:34952)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <eblake@redhat.com>) id 1UVfwr-0001z0-Rl
	for qemu-devel@nongnu.org; Fri, 26 Apr 2013 06:32:14 -0400
Message-ID: <517A57AB.60804@redhat.com>
Date: Fri, 26 Apr 2013 04:32:11 -0600
From: Eric Blake <eblake@redhat.com>
MIME-Version: 1.0
References: <1366875807-3491-1-git-send-email-jasowang@redhat.com>
	<87fvyebbwb.fsf@codemonkey.ws> <20130425210242.GB2908@redhat.com>
	<878v461c1k.fsf@codemonkey.ws> <517A0B3D.1020202@redhat.com>
In-Reply-To: <517A0B3D.1020202@redhat.com>
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature";
	boundary="----enig2OPXCOBLHFTVOTLEWFLLG"
Subject: Re: [Qemu-devel] [PATCH] virtio: abort on zero config length
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Jason Wang <jasowang@redhat.com>
Cc: Anthony Liguori <aliguori@us.ibm.com>, qemu-devel@nongnu.org, "Michael S. Tsirkin" <mst@redhat.com>

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
------enig2OPXCOBLHFTVOTLEWFLLG
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 04/25/2013 11:06 PM, Jason Wang wrote:
>>>     if (addr > (vdev->config_len - sizeof(val)))
>>>
>>> ^^^^^^^^^ quiz: spot a bug above if config_len is 0    :)
>> Then we need to fix these bugs and allocate a CVE.  virtio-rng has
>> shipped.  This code is also dumb.
>=20
> Ok, but since the discussion is in public list, no need for CVE then.

Wrong.  CVEs are useful even for publicly disclosed bugs.  It tells
people whether they need to upgrade in order to avoid a vulnerability.

What we don't need is embargo.  But we do need a CVE.

--=20
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org


------enig2OPXCOBLHFTVOTLEWFLLG
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Public key at http://people.redhat.com/eblake/eblake.gpg
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQEcBAEBCAAGBQJRelerAAoJEKeha0olJ0NqQCwH/jfCGB/YSpdORr6eabjmu96s
t6D2P4R27rmqKmG8mnZsQd1NYsqzglZ+vJWtkUKGrYAlvdIn6aYtkFozL9CElguf
VGHclQiZ3z1GUW05mZnSWhoOo54RsoEiVaMtvIpe4lfbYrPZnjnO9S4wwh9ZM2ON
OCBQkn9dFtRdpzEzfYtA1Lixr+Yd5vqyxiD+ZPk5Myyz2Ks17ajfKrV4itk4AujY
qwqAAF2HbBUUFIj2sWNW4kYjZdSVq9nNFBh3rNkcXse7kRUSzg9PJO1l80+NDO2w
vXh5P95947eMcUdyAuyMZz/ZCpUYtOrI54phr5Y2ExyogcCvkfiAiyDEogHYl2M=
=5A0d
-----END PGP SIGNATURE-----

------enig2OPXCOBLHFTVOTLEWFLLG--