Commit 42a8dadc authored by Li Qiang's avatar Li Qiang Committed by Gerd Hoffmann
Browse files

virtio-gpu: fix information leak in getting capset info dispatch 



In virgl_cmd_get_capset_info dispatch function, the 'resp' hasn't
been full initialized before writing to the guest. This will leak
the 'resp.padding' and 'resp.hdr.padding' fieds to the guest. This
patch fix this issue.

Signed-off-by: default avatarLi Qiang <liqiang6-s@360.cn>
Message-id: 5818661e.0860240a.77264.7a56@mx.google.com
Reviewed-by: default avatarMarc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: default avatarGerd Hoffmann <kraxel@redhat.com>
parent 6c756502

hw/display/virtio-gpu-3d.c

+1 −0
Original line number Diff line number Diff line
@@ -347,6 +347,7 @@ static void virgl_cmd_get_capset_info(VirtIOGPU *g, 


    VIRTIO_GPU_FILL_CMD(info);



    memset(&resp, 0, sizeof(resp));

    if (info.capset_index == 0) {

        resp.capset_id = VIRTIO_GPU_CAPSET_VIRGL;

        virgl_renderer_get_cap_set(resp.capset_id,