Date: Sun, 08 Apr 2007 20:40:11 -0400
From: Thomas Tuttle
Message-id: <20070409004011.GA1570@lion>
Subject: [Qemu-devel] [PATCH] Crop VNC update requests to avoid segfaults
To: qemu-devel@nongnu.org

I was booting a guest that lowered the screen resolution after I logged in, so my VNC client was running at a larger resolution (1024x768) than the actual Qemu framebuffer's resolution (800x600). When the VNC client requested an update, Qemu tried to set the dirty bits and memset the data for an area of the screen that was non-existent, and it segfaulted.

I've written a patch that "crops" the coordinates (both x and y, even though only y is actually used) of the update region to the actual size of the display to avoid this problem. It is attached. I made it against Qemu CVS.

Comments, suggestions, and constructive criticism are appreciated.

Thank you,
Thomas Tuttle

[attachment: qemu-crop-vnc-update.patch]

Index: vnc.c
===================================================================
RCS file: /sources/qemu/qemu/vnc.c,v
retrieving revision 1.13
diff -u -r1.13 vnc.c
--- vnc.c 19 Mar 2007 15:17:08 -0000 1.13
+++ vnc.c 9 Apr 2007 00:31:37 -0000
@@ -852,6 +852,13 @@ int x_position, int y_position, int w, int h) { + if (x_position > vs->ds->width) x_position = vs->ds->width; + if (y_position > vs->ds->height) y_position = vs->ds->height; + if (x_position + w >= vs->ds->width) w = vs->ds->width - x_position; + if (y_position + h >= vs->ds->height) h = vs->ds->height - y_position; + if (w < 0) w = 0; + if (h < 0) h = 0; + int i; vs->need_update = 1; if (!incremental) { --n8g4imXOkfNTN/H1-- --dc+cDN39EJAMEtIO Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGGYtr/UG6u69REsYRAjzhAKCKHfvw5UZJ4hF06y6ZI3jfkKPnqACfSkDf gFRXOlD9lqi+tbP47Pf9lnY= =uQC3 -----END PGP SIGNATURE----- --dc+cDN39EJAMEtIO--
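Review bot: The six clamping statements are inserted ahead of the `int i;` declaration that the hunk shows as the next context line, so the function now has code before a declaration (`if (h < 0) h = 0;` immediately followed by `int i;`), which is not valid C89 and trips gcc's -Wdeclaration-after-statement; move the `if` lines below `int i;`, just before `vs->need_update = 1;`. Since the parameters are plain `int` (`int x_position, int y_position, int w, int h` in the visible signature), a negative `x_position` or `y_position` also passes every check here: `y_position > vs->ds->height` is false and `h` is only reduced when `y_position + h >= vs->ds->height`, so a negative origin reaches the row loop unchanged; a lower bound such as `if (y_position < 0) y_position = 0;` (and the same for `x_position`) would close that, and the mixed `>` / `>=` in the first four lines could be made uniform while there.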
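The failure described in the mail is a client-controlled rectangle indexing per-row server state past the framebuffer. The following is an added example, not code from the mail or from QEMU's vnc.c: it clamps an update rectangle in the general case (origin past the edge, negative origin, sizes that would overflow int) and runs a toy model of the dirty-row loop to show the clamped indices stay in bounds. The function names, the 800x600 framebuffer size and the `dirty_row` array are assumptions made for the example.

```c
/* Added example (not QEMU code). Names below are invented for illustration. */
#include <assert.h>
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed framebuffer size, matching the 800x600 guest in the mail. */
#define FB_W 800
#define FB_H 600

/* Clamp (x, y, w, h) into [0, fb_w) x [0, fb_h).
 * Arithmetic is done in int64_t so x + w cannot overflow even for
 * w == INT_MAX, and negative sizes are treated as empty.
 * Returns 1 if a non-empty rectangle remains, 0 if nothing is left. */
int crop_rect(int fb_w, int fb_h, int *x, int *y, int *w, int *h)
{
    int64_t x0 = *x, y0 = *y;
    int64_t x1 = x0 + (*w > 0 ? (int64_t)*w : 0);
    int64_t y1 = y0 + (*h > 0 ? (int64_t)*h : 0);

    if (x0 < 0) x0 = 0;
    if (y0 < 0) y0 = 0;
    if (x1 > fb_w) x1 = fb_w;
    if (y1 > fb_h) y1 = fb_h;

    if (x0 >= x1 || y0 >= y1) {
        *x = *y = *w = *h = 0;   /* fully outside: empty rectangle */
        return 0;
    }
    *x = (int)x0;
    *y = (int)y0;
    *w = (int)(x1 - x0);
    *h = (int)(y1 - y0);
    return 1;
}

/* Toy stand-in for per-row dirty state: one flag per framebuffer row. */
static unsigned char dirty_row[FB_H];

/* Model of a non-incremental update request: mark rows y..y+h-1 dirty.
 * Because the rectangle is cropped first, dirty_row[y + i] is always in
 * range whatever the client sent. Returns the number of rows marked. */
int update_request(int x, int y, int w, int h)
{
    int i;

    if (!crop_rect(FB_W, FB_H, &x, &y, &w, &h))
        return 0;
    for (i = 0; i < h; i++) {
        assert(y + i >= 0 && y + i < FB_H);
        dirty_row[y + i] = 1;
    }
    return h;
}

int main(void)
{
    /* The request from the mail: a 1024x768 client on an 800x600 framebuffer. */
    int rows = update_request(0, 0, 1024, 768);
    printf("rows marked dirty: %d of %d\n", rows, FB_H);

    /* Request entirely below and right of the framebuffer: nothing to do. */
    printf("rows marked for off-screen request: %d\n",
           update_request(900, 700, 10, 10));
    return 0;
}
```

The clamp is written against the full rectangle rather than only the y range so it can be reused for the x-dependent code paths as well; the assert inside the loop documents the invariant the crop guarantees.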