]> git.proxmox.com Git - mirror_qemu.git/commit
hw/block/nvme: fix out-of-bounds read in nvme_subsys_ctrl
authorKlaus Jensen <k.jensen@samsung.com>
Wed, 7 Apr 2021 05:16:14 +0000 (07:16 +0200)
committerKlaus Jensen <k.jensen@samsung.com>
Wed, 7 Apr 2021 08:48:33 +0000 (10:48 +0200)
commit7645f21f409b67eb9aad9feef6283c2e186e3703
tree4871d95b8ae7311e676001a74bb8f55abe1bf688
parentec20329748d02728b823443436fe26eadb04f8cc
hw/block/nvme: fix out-of-bounds read in nvme_subsys_ctrl

nvme_subsys_ctrl() is used in contexts where the given controller
identifier is from an untrusted source. Like its friends nvme_ns() and
nvme_subsys_ns(), nvme_subsys_ctrl() should just return NULL if an
invalid identifier is given.

Fixes: 645ce1a70cb6 ("hw/block/nvme: support namespace attachment command")
Cc: Minwoo Im <minwoo.im.dev@gmail.com>
Signed-off-by: Klaus Jensen <k.jensen@samsung.com>
Reviewed-by: Minwoo Im <minwoo.im.dev@gmail.com>
hw/block/nvme-subsys.h