From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:56521) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cCnFg-0007p5-3U for qemu-devel@nongnu.org; Fri, 02 Dec 2016 07:47:44 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cCnFd-0006JK-2i for qemu-devel@nongnu.org; Fri, 02 Dec 2016 07:47:44 -0500 Received: from mx1.redhat.com ([209.132.183.28]:57630) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cCnFc-0006J5-TB for qemu-devel@nongnu.org; Fri, 02 Dec 2016 07:47:41 -0500 Message-ID: <1480682856.13905.15.camel@redhat.com> From: Gerd Hoffmann Date: Fri, 02 Dec 2016 13:47:36 +0100 In-Reply-To: References: <20161201170624.26496-1-lersek@redhat.com> <20161201170624.26496-3-lersek@redhat.com> <1480677038.13905.9.camel@redhat.com> Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 Subject: Re: [Qemu-devel] [PATCH v4 2/7] fw-cfg: turn FW_CFG_FILE_SLOTS into a device property List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Laszlo Ersek Cc: qemu devel list , "Gabriel L. Somlo" , "Michael S. Tsirkin" , Igor Mammedov , Paolo Bonzini Hi, > Please check one of the links in the blurb, under which Paolo noted that > we're already above the limit in the worst (theoretical) case. Oh, ok. That changes the picture. > In practice they don't hit the limit, indeed. But creating such a case being possible (even if unlikely) is reason enough to care, from a security point of view. cheers, Gerd