megasas: fix guest-triggered memory leak
If the guest sets the sglist size to a value >=2GB, megasas_handle_dcmd will return MFI_STAT_MEMORY_NOT_AVAILABLE without freeing the memory. Avoid this by returning only the status from map_dcmd, and loading cmd->iov_size in the caller. Reported-by: NLi Qiang <liqiang6-s@360.cn> Signed-off-by: NPaolo Bonzini <pbonzini@redhat.com>
Showing
想要评论请 注册 或 登录