From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:33232) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1bzNd6-0001t9-Vg for qemu-devel@nongnu.org; Wed, 26 Oct 2016 08:48:29 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1bzNd3-0006fr-HQ for qemu-devel@nongnu.org; Wed, 26 Oct 2016 08:48:29 -0400 Received: from mx1.redhat.com ([209.132.183.28]:38306) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1bzNd3-0006fO-B8 for qemu-devel@nongnu.org; Wed, 26 Oct 2016 08:48:25 -0400 Message-ID: <1477486103.18984.53.camel@redhat.com> From: Gerd Hoffmann Date: Wed, 26 Oct 2016 14:48:23 +0200 In-Reply-To: <1476949224-6865-1-git-send-email-ppandit@redhat.com> References: <1476949224-6865-1-git-send-email-ppandit@redhat.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 Subject: Re: [Qemu-devel] [PATCH] audio: intel-hda: check stream entry count during transfer List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: P J P Cc: Qemu Developers , Huawei PSIRT , Prasad J Pandit On Do, 2016-10-20 at 13:10 +0530, P J P wrote: > From: Prasad J Pandit >=20 > Intel HDA emulator uses stream of buffers during DMA data > transfers. Each entry has buffer length and buffer pointer > position, which are used to derive bytes to 'copy'. If this > length and buffer pointer were to be same, 'copy' could be > set to zero(0), leading to an infinite loop. Add check to > avoid it. >=20 > Reported-by: Huawei PSIRT > Signed-off-by: Prasad J Pandit Added to audio patch queue. thanks, Gerd