| Message ID | 20190527091226.4943-1-kraxel@redhat.com |
|---|---|
| State | New |
| Headers | show |
| Series | virtio-gpu: add sanity check | expand |
On Mon, May 27, 2019 at 11:13 AM Gerd Hoffmann <kraxel@redhat.com> wrote: > > Require a minimum 16x16 size for the scanout, to make sure the guest > can't set either width or height to zero. This (a) doesn't make sense > at all and (b) causes problems in some UI code. When using spice this > will triggers an assert(). > > Reported-by: Tyler Slabinski <tslabinski@slabity.net> > Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> > --- > hw/display/virtio-gpu.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c > index 9e37e0ac96b7..372b31ef0af2 100644 > --- a/hw/display/virtio-gpu.c > +++ b/hw/display/virtio-gpu.c > @@ -677,6 +677,8 @@ static void virtio_gpu_set_scanout(VirtIOGPU *g, > > if (ss.r.x > res->width || > ss.r.y > res->height || > + ss.r.width < 16 || > + ss.r.height < 16 || > ss.r.width > res->width || > ss.r.height > res->height || > ss.r.x + ss.r.width > res->width || > -- > 2.18.1 > >
On Mon, May 27, 2019 at 11:12:26AM +0200, Gerd Hoffmann wrote: > Require a minimum 16x16 size for the scanout, to make sure the guest > can't set either width or height to zero. This (a) doesn't make sense > at all and (b) causes problems in some UI code. When using spice this > will triggers an assert(). > > Reported-by: Tyler Slabinski <tslabinski@slabity.net> > Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> OK. Worth adding to spec maybe. > --- > hw/display/virtio-gpu.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c > index 9e37e0ac96b7..372b31ef0af2 100644 > --- a/hw/display/virtio-gpu.c > +++ b/hw/display/virtio-gpu.c > @@ -677,6 +677,8 @@ static void virtio_gpu_set_scanout(VirtIOGPU *g, > > if (ss.r.x > res->width || > ss.r.y > res->height || > + ss.r.width < 16 || > + ss.r.height < 16 || > ss.r.width > res->width || > ss.r.height > res->height || > ss.r.x + ss.r.width > res->width || > -- > 2.18.1
diff --git a/hw/display/virtio-gpu.c b/hw/display/virtio-gpu.c index 9e37e0ac96b7..372b31ef0af2 100644 --- a/hw/display/virtio-gpu.c +++ b/hw/display/virtio-gpu.c @@ -677,6 +677,8 @@ static void virtio_gpu_set_scanout(VirtIOGPU *g, if (ss.r.x > res->width || ss.r.y > res->height || + ss.r.width < 16 || + ss.r.height < 16 || ss.r.width > res->width || ss.r.height > res->height || ss.r.x + ss.r.width > res->width ||
Require a minimum 16x16 size for the scanout, to make sure the guest can't set either width or height to zero. This (a) doesn't make sense at all and (b) causes problems in some UI code. When using spice this will triggers an assert(). Reported-by: Tyler Slabinski <tslabinski@slabity.net> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> --- hw/display/virtio-gpu.c | 2 ++ 1 file changed, 2 insertions(+)