[{"id":1763563,"web_url":"http://patchwork.ozlabs.org/comment/1763563/","msgid":"","list_archive_url":null,"date":"2017-09-05T18:23:55","subject":"Re: [Qemu-devel] [PATCH] multiboot: validate multiboot header\n\taddress values","submitter":{"id":71296,"url":"http://patchwork.ozlabs.org/api/people/71296/","name":"joel--- via qemu development","email":"qemu-devel@nongnu.org"},"content":"On Tue, Sep 5, 2017 at 11:12 AM, Thomas Garnier wrote:\n> On Tue, Sep 5, 2017 at 10:49 AM, P J P wrote:\n>> From: Prasad J Pandit \n>>\n>> While loading kernel via multiboot-v1 image, (flags & 0x00010000)\n>> indicates that multiboot header contains valid addresses to load\n>> the kernel image. These addresses are used to compute kernel\n>> size and kernel text offset in the OS image. Validate these\n>> address values to avoid an OOB access issue.\n>>\n>> Reported-by: Thomas Garnier \n>> Signed-off-by: Prasad J Pandit \n>> ---\n>\n> Looks good, tested.\n>\n> Tested-by: Thomas Garnier \n\nBtw, can you open a CVE for that? (and reference it in the commit).\n\n>\n>> hw/i386/multiboot.c | 19 +++++++++++++++++++\n>> 1 file changed, 19 insertions(+)\n>>\n>> diff --git a/hw/i386/multiboot.c b/hw/i386/multiboot.c\n>> index 6001f4caa2..c7b70c91d5 100644\n>> --- a/hw/i386/multiboot.c\n>> +++ b/hw/i386/multiboot.c\n>> @@ -221,15 +221,34 @@ int load_multiboot(FWCfgState *fw_cfg,\n>> uint32_t mh_header_addr = ldl_p(header+i+12);\n>> uint32_t mh_load_end_addr = ldl_p(header+i+20);\n>> uint32_t mh_bss_end_addr = ldl_p(header+i+24);\n>> +\n>> mh_load_addr = ldl_p(header+i+16);\n>> + if (mh_header_addr < mh_load_addr) {\n>> + fprintf(stderr, \"invalid mh_load_addr address\\n\");\n>> + exit(1);\n>> + }\n>> +\n>> uint32_t mb_kernel_text_offset = i - (mh_header_addr - mh_load_addr);\n>> uint32_t mb_load_size = 0;\n>> mh_entry_addr = ldl_p(header+i+28);\n>>\n>> if (mh_load_end_addr) {\n>> + if (mh_bss_end_addr < mh_load_addr) {\n>> + fprintf(stderr, \"invalid mh_bss_end_addr address\\n\");\n>> + exit(1);\n>> + }\n>> mb_kernel_size = mh_bss_end_addr - mh_load_addr;\n>> +\n>> + if (mh_load_end_addr < mh_load_addr) {\n>> + fprintf(stderr, \"invalid mh_load_end_addr address\\n\");\n>> + exit(1);\n>> + }\n>> mb_load_size = mh_load_end_addr - mh_load_addr;\n>> } else {\n>> + if (kernel_file_size < mb_kernel_text_offset) {\n>> + fprintf(stderr, \"invalid kernel_file_size\\n\");\n>> + exit(1);\n>> + }\n>> mb_kernel_size = kernel_file_size - mb_kernel_text_offset;\n>> mb_load_size = mb_kernel_size;\n>> }\n>> --\n>> 2.13.5\n>>\n>\n>\n>\n> --\n> Thomas","headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=nongnu.org\n\t(client-ip=2001:4830:134:3::11; helo=lists.gnu.org;\n\tenvelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n\treceiver=)","ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n\tunprotected) header.d=google.com header.i=@google.com\n\theader.b=\"Xi0ePmnC\"; dkim-atps=neutral"],"Received":["from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11])\n\t(using TLSv1 with cipher AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xmwc63h46z9sCZ\n\tfor ;\n\tWed, 6 Sep 2017 04:44:21 +1000 (AEST)","from localhost ([::1]:60653 helo=lists.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.71) (envelope-from\n\t)\n\tid 1dpIpf-0008S7-0i\n\tfor incoming@patchwork.ozlabs.org; Tue, 05 Sep 2017 14:44:19 -0400","from eggs.gnu.org ([2001:4830:134:3::10]:39827)\n\tby lists.gnu.org with esmtp (Exim 4.71)\n\t(envelope-from ) id 1dpIW2-00032Q-8m\n\tfor qemu-devel@nongnu.org; Tue, 05 Sep 2017 14:24:07 -0400","from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)\n\t(envelope-from ) id 1dpIVx-0008U4-HE\n\tfor qemu-devel@nongnu.org; Tue, 05 Sep 2017 14:24:02 -0400","from mail-io0-x230.google.com ([2607:f8b0:4001:c06::230]:36020)\n\tby eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)\n\t(Exim 4.71) (envelope-from ) id 1dpIVx-0008Tt-C7\n\tfor qemu-devel@nongnu.org; Tue, 05 Sep 2017 14:23:57 -0400","by mail-io0-x230.google.com with SMTP id z67so19298580iof.3\n\tfor ; Tue, 05 Sep 2017 11:23:57 -0700 (PDT)","by 10.107.190.66 with HTTP; Tue, 5 Sep 2017 11:23:55 -0700 (PDT)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;\n\ts=20161025; \n\th=mime-version:in-reply-to:references:from:date:message-id:subject:to\n\t:cc; bh=wybMrsN0kG903mBN4LCBV3eJLN178VtIFp+4NnQmlTU=;\n\tb=Xi0ePmnCNvJBHq0JC0G5wqCcS0wHdEVek2bLdAqRCZznIUPBA7U8Xm4K0ALxXea59T\n\tuarNL2XP0fdZ4W52gvhi2fSSBQ7mSXtx1tBLoABlLfb1GrscYpxG3/DdfD5X2xX/YOv7\n\t8Iu1+/uaveAXjef8bHZHtp2LBEyGvZum5gvRpg//w9orjujShZ/HxQHIvuPtLtEDmPTw\n\t0NJ/qCq4zygP+Eik23wz0kORF5J/pAWZryljnnoE+H+37ekEZYUougxXX/yZLHsxUESu\n\t6d7+jb7qfViCVMp8szuWPv/3Ta3wM1jNPiobikgApeBTpWxfmSvW2rmh6brobrmQLqS5\n\txdYQ==","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:mime-version:in-reply-to:references:from:date\n\t:message-id:subject:to:cc;\n\tbh=wybMrsN0kG903mBN4LCBV3eJLN178VtIFp+4NnQmlTU=;\n\tb=QZz6ARV8yYP3I0mxJXgJs2ZKGMxDk06pN4QBmX52rR/x6Th+QcOhzocG0kTIhCPlZO\n\tMWfEgi7tWWI4TpUuAGUtD2MTa/TQ/sCGBkqMEkIBnuNQYCOIn0CfiYi83qxJa6PBOsev\n\txef+xcdf6surcL8R5nN1vsB6Wr2CfWqEbAzo9Qe27noNhF5wdaaUV+nV6Oj0p5859Hse\n\tLHP4IVcxUY383faqkNCxIDwAhd04/72WvzQrxhAbNTMpcfc4Gkba59rMex/nr+kSZJsC\n\tQGDrfPiH5Y2mK5ftQP4FofruC4viWuWp4I6080FXS2SfWIppzq1k0mxz5fwQYtTmQHqZ\n\t18TQ==","X-Gm-Message-State":"AHPjjUhzybLEUIdYlfZRFbtqRqJIV8IiFaWRmDve5qbJjmA3dk2HKC4R\n\t7JUDscm9V2Yer289MEZTrlPsj83C0dbN","X-Google-Smtp-Source":"ADKCNb74KePSX2A07uFuvTAAbZO0PAUpaEY684U2KEDGAGwI2CegwHqB1YrtS7ah/bxj3GUZ+X/2yROueLxXuJFYNAA=","X-Received":"by 10.107.68.12 with SMTP id r12mr5302376ioa.82.1504635836434;\n\tTue, 05 Sep 2017 11:23:56 -0700 (PDT)","MIME-Version":"1.0","In-Reply-To":"","References":"<20170905174942.3094-1-ppandit@redhat.com>\n\t","Date":"Tue, 5 Sep 2017 11:23:55 -0700","Message-ID":"","To":"P J P ","Content-Type":"text/plain; charset=\"UTF-8\"","X-detected-operating-system":"by eggs.gnu.org: Genre and OS details not\n\trecognized.","X-Received-From":"2607:f8b0:4001:c06::230","X-Mailman-Approved-At":"Tue, 05 Sep 2017 14:43:36 -0400","Subject":"Re: [Qemu-devel] [PATCH] multiboot: validate multiboot header\n\taddress values","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.21","Precedence":"list","List-Id":"","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","From":"Thomas Garnier via Qemu-devel ","Reply-To":"Thomas Garnier ","Cc":"Paolo Bonzini ,\n\tPrasad J Pandit ,\n\tQemu Developers ,\n\tEduardo Habkost ","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"\"Qemu-devel\"\n\t"}},{"id":1763564,"web_url":"http://patchwork.ozlabs.org/comment/1763564/","msgid":"","list_archive_url":null,"date":"2017-09-05T18:12:43","subject":"Re: [Qemu-devel] [PATCH] multiboot: validate multiboot header\n\taddress values","submitter":{"id":71296,"url":"http://patchwork.ozlabs.org/api/people/71296/","name":"joel--- via qemu development","email":"qemu-devel@nongnu.org"},"content":"On Tue, Sep 5, 2017 at 10:49 AM, P J P wrote:\n> From: Prasad J Pandit \n>\n> While loading kernel via multiboot-v1 image, (flags & 0x00010000)\n> indicates that multiboot header contains valid addresses to load\n> the kernel image. These addresses are used to compute kernel\n> size and kernel text offset in the OS image. Validate these\n> address values to avoid an OOB access issue.\n>\n> Reported-by: Thomas Garnier \n> Signed-off-by: Prasad J Pandit \n> ---\n\nLooks good, tested.\n\nTested-by: Thomas Garnier \n\n> hw/i386/multiboot.c | 19 +++++++++++++++++++\n> 1 file changed, 19 insertions(+)\n>\n> diff --git a/hw/i386/multiboot.c b/hw/i386/multiboot.c\n> index 6001f4caa2..c7b70c91d5 100644\n> --- a/hw/i386/multiboot.c\n> +++ b/hw/i386/multiboot.c\n> @@ -221,15 +221,34 @@ int load_multiboot(FWCfgState *fw_cfg,\n> uint32_t mh_header_addr = ldl_p(header+i+12);\n> uint32_t mh_load_end_addr = ldl_p(header+i+20);\n> uint32_t mh_bss_end_addr = ldl_p(header+i+24);\n> +\n> mh_load_addr = ldl_p(header+i+16);\n> + if (mh_header_addr < mh_load_addr) {\n> + fprintf(stderr, \"invalid mh_load_addr address\\n\");\n> + exit(1);\n> + }\n> +\n> uint32_t mb_kernel_text_offset = i - (mh_header_addr - mh_load_addr);\n> uint32_t mb_load_size = 0;\n> mh_entry_addr = ldl_p(header+i+28);\n>\n> if (mh_load_end_addr) {\n> + if (mh_bss_end_addr < mh_load_addr) {\n> + fprintf(stderr, \"invalid mh_bss_end_addr address\\n\");\n> + exit(1);\n> + }\n> mb_kernel_size = mh_bss_end_addr - mh_load_addr;\n> +\n> + if (mh_load_end_addr < mh_load_addr) {\n> + fprintf(stderr, \"invalid mh_load_end_addr address\\n\");\n> + exit(1);\n> + }\n> mb_load_size = mh_load_end_addr - mh_load_addr;\n> } else {\n> + if (kernel_file_size < mb_kernel_text_offset) {\n> + fprintf(stderr, \"invalid kernel_file_size\\n\");\n> + exit(1);\n> + }\n> mb_kernel_size = kernel_file_size - mb_kernel_text_offset;\n> mb_load_size = mb_kernel_size;\n> }\n> --\n> 2.13.5\n>","headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=nongnu.org\n\t(client-ip=2001:4830:134:3::11; helo=lists.gnu.org;\n\tenvelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n\treceiver=)","ozlabs.org;\n\tdkim=fail reason=\"signature verification failed\" (2048-bit key;\n\tunprotected) header.d=google.com header.i=@google.com\n\theader.b=\"Z+oGwUbe\"; dkim-atps=neutral"],"Received":["from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11])\n\t(using TLSv1 with cipher AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xmwcX6HSrz9sCZ\n\tfor ;\n\tWed, 6 Sep 2017 04:44:44 +1000 (AEST)","from localhost ([::1]:60655 helo=lists.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.71) (envelope-from\n\t)\n\tid 1dpIq3-0000Sq-1J\n\tfor incoming@patchwork.ozlabs.org; Tue, 05 Sep 2017 14:44:43 -0400","from eggs.gnu.org ([2001:4830:134:3::10]:35865)\n\tby lists.gnu.org with esmtp (Exim 4.71)\n\t(envelope-from ) id 1dpILD-0000HO-Ct\n\tfor qemu-devel@nongnu.org; Tue, 05 Sep 2017 14:12:57 -0400","from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)\n\t(envelope-from ) id 1dpIL8-0002QN-IO\n\tfor qemu-devel@nongnu.org; Tue, 05 Sep 2017 14:12:51 -0400","from mail-io0-x234.google.com ([2607:f8b0:4001:c06::234]:37865)\n\tby eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)\n\t(Exim 4.71) (envelope-from ) id 1dpIL8-0002Q7-Cp\n\tfor qemu-devel@nongnu.org; Tue, 05 Sep 2017 14:12:46 -0400","by mail-io0-x234.google.com with SMTP id j141so15177023ioj.4\n\tfor ; Tue, 05 Sep 2017 11:12:45 -0700 (PDT)","by 10.107.190.66 with HTTP; Tue, 5 Sep 2017 11:12:43 -0700 (PDT)"],"DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;\n\ts=20161025; \n\th=mime-version:in-reply-to:references:from:date:message-id:subject:to\n\t:cc; bh=39SA6G2XBjzv7pUwB8itNUk0Yp8Vpjds6qEwXB95grg=;\n\tb=Z+oGwUbeF5mg1LKYdeL0YqK4k8TKPtQkh8izIC3+b6cseouIdbAnAt4rIotogYyI7y\n\t2kRCNVPMQCxzdFHeawGHT+4Ab82aJCTcuvkFg2AZV6OoL/vCoRiOWw5hl+mKGP3Xp99T\n\t4vNGJEP1nqq5MT+zX50eNuaou0B1naqE2d/Dgt0AQ6u9FwDGvWZpp31bXvP2IbcmfdCD\n\tdE4y+7yp3z3HbBO6WUs2RMUrddRKU0KF9FbwUAxpXb5CrQh3l3MepEQO+fzWUwVLuzPJ\n\t9vK+27W/uEzm5b78woDYnyjiVVlwoKijgKlfQXRgKpFVLvBK/46s7yGTJIAf59PfyA67\n\tmgsQ==","X-Google-DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/relaxed;\n\td=1e100.net; s=20161025;\n\th=x-gm-message-state:mime-version:in-reply-to:references:from:date\n\t:message-id:subject:to:cc;\n\tbh=39SA6G2XBjzv7pUwB8itNUk0Yp8Vpjds6qEwXB95grg=;\n\tb=A1+nleqqdqrZRXUxY6rLfL8CBc17PHDE6wLak5X0sQ0ASj+s2JvVYruG0UqiGL2f2e\n\teMWbL/1obKkQcb9YLHEjQU1xn5MKc1iFcuhQgVxOXA2rQeSmrOeeMFu1VOx0O8ccTrQr\n\tu+Y2Er9/TBc7+W0lAEiNzQVTkJZw7ZwFy0yyGGs2K3LAPly5rA5D0FBf4LWIhUhKFKTV\n\td6ED9MaXPJHMrErH2iwYalKZIGlgdCszLy44Ayx9iBZSDUXIEUsEZ/D7y4NAyL/CQpiM\n\tnblb7cTyi1UmUdVvu/9AWIscza7GIFILGLRUlUOah+jbOHzlSERFCaOY+ghMdsmguqgM\n\t5t5Q==","X-Gm-Message-State":"AHPjjUg2znNHv+Ilb7jWOwA3+MtJvQOLd9ZsC3kNkpShBWO+LErNs2bW\n\tfJRJyQ9/1qzCPlDqpETiD9C3xa5F1rQE","X-Google-Smtp-Source":"ADKCNb5bpCk6O47UbLBc2hx79HCIqn01ADYzndoXs6fVjxG/5XFLCcKWgjETcmt4unldewX7eEJbID/y4JRZMdZZanE=","X-Received":"by 10.107.68.12 with SMTP id r12mr5260895ioa.82.1504635164151;\n\tTue, 05 Sep 2017 11:12:44 -0700 (PDT)","MIME-Version":"1.0","In-Reply-To":"<20170905174942.3094-1-ppandit@redhat.com>","References":"<20170905174942.3094-1-ppandit@redhat.com>","Date":"Tue, 5 Sep 2017 11:12:43 -0700","Message-ID":"","To":"P J P ","Content-Type":"text/plain; charset=\"UTF-8\"","X-detected-operating-system":"by eggs.gnu.org: Genre and OS details not\n\trecognized.","X-Received-From":"2607:f8b0:4001:c06::234","X-Mailman-Approved-At":"Tue, 05 Sep 2017 14:43:36 -0400","Subject":"Re: [Qemu-devel] [PATCH] multiboot: validate multiboot header\n\taddress values","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.21","Precedence":"list","List-Id":"","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","From":"Thomas Garnier via Qemu-devel ","Reply-To":"Thomas Garnier ","Cc":"Paolo Bonzini ,\n\tPrasad J Pandit ,\n\tQemu Developers ,\n\tEduardo Habkost ","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"\"Qemu-devel\"\n\t"}},{"id":1764535,"web_url":"http://patchwork.ozlabs.org/comment/1764535/","msgid":"","list_archive_url":null,"date":"2017-09-07T06:40:48","subject":"Re: [Qemu-devel] [PATCH] multiboot: validate multiboot header\n\taddress values","submitter":{"id":67408,"url":"http://patchwork.ozlabs.org/api/people/67408/","name":"Prasad Pandit","email":"ppandit@redhat.com"},"content":"+-- On Tue, 5 Sep 2017, Thomas Garnier wrote --+\n| Btw, can you open a CVE for that? (and reference it in the commit).\n\n Done; Sent revised patch v1.\n\nThank you.\n--\nPrasad J Pandit / Red Hat Product Security Team\n47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F","headers":{"Return-Path":"","X-Original-To":"incoming@patchwork.ozlabs.org","Delivered-To":"patchwork-incoming@bilbo.ozlabs.org","Authentication-Results":["ozlabs.org;\n\tspf=pass (mailfrom) smtp.mailfrom=nongnu.org\n\t(client-ip=2001:4830:134:3::11; helo=lists.gnu.org;\n\tenvelope-from=qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org;\n\treceiver=)","ext-mx06.extmail.prod.ext.phx2.redhat.com;\n\tdmarc=none (p=none dis=none) header.from=redhat.com","ext-mx06.extmail.prod.ext.phx2.redhat.com;\n\tspf=fail smtp.mailfrom=ppandit@redhat.com"],"Received":["from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11])\n\t(using TLSv1 with cipher AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby ozlabs.org (Postfix) with ESMTPS id 3xnrT01H1Zz9s82\n\tfor ;\n\tThu, 7 Sep 2017 16:41:24 +1000 (AEST)","from localhost ([::1]:39019 helo=lists.gnu.org)\n\tby lists.gnu.org with esmtp (Exim 4.71) (envelope-from\n\t)\n\tid 1dpqV8-0004j1-BB\n\tfor incoming@patchwork.ozlabs.org; Thu, 07 Sep 2017 02:41:22 -0400","from eggs.gnu.org ([2001:4830:134:3::10]:52386)\n\tby lists.gnu.org with esmtp (Exim 4.71)\n\t(envelope-from ) id 1dpqUk-0004iT-Kn\n\tfor qemu-devel@nongnu.org; Thu, 07 Sep 2017 02:41:03 -0400","from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)\n\t(envelope-from ) id 1dpqUh-00042y-IY\n\tfor qemu-devel@nongnu.org; Thu, 07 Sep 2017 02:40:58 -0400","from mx1.redhat.com ([209.132.183.28]:47004)\n\tby eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32)\n\t(Exim 4.71) (envelope-from ) id 1dpqUh-00042l-Cn\n\tfor qemu-devel@nongnu.org; Thu, 07 Sep 2017 02:40:55 -0400","from smtp.corp.redhat.com\n\t(int-mx06.intmail.prod.int.phx2.redhat.com [10.5.11.16])\n\t(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))\n\t(No client certificate requested)\n\tby mx1.redhat.com (Postfix) with ESMTPS id 4D886356DC;\n\tThu, 7 Sep 2017 06:40:54 +0000 (UTC)","from javelin (unknown [10.65.150.239])\n\tby smtp.corp.redhat.com (Postfix) with ESMTPS id 16B7A171CE;\n\tThu, 7 Sep 2017 06:40:50 +0000 (UTC)"],"DMARC-Filter":"OpenDMARC Filter v1.3.2 mx1.redhat.com 4D886356DC","Date":"Thu, 7 Sep 2017 12:10:48 +0530 (IST)","From":"P J P ","X-X-Sender":"pjp@javelin","To":"Thomas Garnier ","In-Reply-To":"","Message-ID":"","References":"<20170905174942.3094-1-ppandit@redhat.com>\n\t\n\t","MIME-Version":"1.0","Content-Type":"text/plain; charset=US-ASCII","X-Scanned-By":"MIMEDefang 2.79 on 10.5.11.16","X-Greylist":"Sender IP whitelisted, not delayed by milter-greylist-4.5.16\n\t(mx1.redhat.com [10.5.110.30]);\n\tThu, 07 Sep 2017 06:40:54 +0000 (UTC)","X-detected-operating-system":"by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]\n\t[fuzzy]","X-Received-From":"209.132.183.28","Subject":"Re: [Qemu-devel] [PATCH] multiboot: validate multiboot header\n\taddress values","X-BeenThere":"qemu-devel@nongnu.org","X-Mailman-Version":"2.1.21","Precedence":"list","List-Id":"","List-Unsubscribe":",\n\t","List-Archive":"","List-Post":"","List-Help":"","List-Subscribe":",\n\t","Cc":"Paolo Bonzini ,\n\tQemu Developers ,\n\tEduardo Habkost ","Errors-To":"qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org","Sender":"\"Qemu-devel\"\n\t"}}]