-
由 Prasad J Pandit 提交于
While writing a message in 'lsi_do_msgin', message length value in 'msg_len' could be invalid due to an invalid migration stream. Add an assertion to avoid an out of bounds access, and reject the incoming migration data if it contains an invalid message length. Discovered by Deja vu Security. Reported by Oracle. Signed-off-by: NPrasad J Pandit <pjp@fedoraproject.org> Message-Id: <20181026194314.18663-1-ppandit@redhat.com> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
e58ccf03