Google Git
Sign in
qemu / qemu / fa18f36a461984eae50ab957e47ec78dae3c14fc
commitfa18f36a461984eae50ab957e47ec78dae3c14fc[log] [tgz]
authorGerd Hoffmann <kraxel@redhat.com>Fri Apr 28 10:42:37 2017 +0200
committerGerd Hoffmann <kraxel@redhat.com>Wed May 03 14:18:21 2017 +0200
tree50707e34aab0606335a94762dfc4a333d078479f
parente619b14746e5d8c0e53061661fd0e1da01fd4d60 [diff]
input: limit kbd queue depth

Apply a limit to the number of items we accept into the keyboard queue.

Impact: Without this limit vnc clients can exhaust host memory by
sending keyboard events faster than qemu feeds them to the guest.

Fixes: CVE-2017-8379
Cc: P J P <ppandit@redhat.com>
Cc: Huawei PSIRT <PSIRT@huawei.com>
Reported-by: jiangxin1@huawei.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 20170428084237.23960-1-kraxel@redhat.com
1 file changed
tree: 50707e34aab0606335a94762dfc4a333d078479f
  1. audio/
  2. backends/
  3. block/
  4. bsd-user/
  5. chardev/
  6. contrib/
  7. crypto/
  8. default-configs/
  9. disas/
  10. docs/
  11. fpu/
  12. fsdev/
  13. gdb-xml/
  14. hw/
  15. include/
  16. io/
  17. libdecnumber/
  18. linux-headers/
  19. linux-user/
  20. migration/
  21. nbd/
  22. net/
  23. pc-bios/
  24. po/
  25. qapi/
  26. qga/
  27. qobject/
  28. qom/
  29. replay/
  30. roms/
  31. scripts/
  32. slirp/
  33. stubs/
  34. target/
  35. tcg/
  36. tests/
  37. trace/
  38. ui/
  39. util/
  40. dtc
  41. pixman
  42. .dir-locals.el
  43. .exrc
  44. .gitignore
  45. .gitmodules
  46. .mailmap
  47. .shippable.yml
  48. .travis.yml
  49. accel.c
  50. arch_init.c
  51. atomic_template.h
  52. balloon.c
  53. block.c
  54. blockdev-nbd.c
  55. blockdev.c
  56. blockjob.c
  57. bootdevice.c
  58. bt-host.c
  59. bt-vhci.c
  60. Changelog
  61. CODING_STYLE
  62. configure
  63. COPYING
  64. COPYING.LIB
  65. cpu-exec-common.c
  66. cpu-exec.c
  67. cpus-common.c
  68. cpus.c
  69. cputlb.c
  70. device-hotplug.c
  71. device_tree.c
  72. disas.c
  73. dma-helpers.c
  74. dump.c
  75. exec.c
  76. gdbstub.c
  77. HACKING
  78. hax-stub.c
  79. hmp-commands-info.hx
  80. hmp-commands.hx
  81. hmp.c
  82. hmp.h
  83. ioport.c
  84. iothread.c
  85. kvm-all.c
  86. kvm-stub.c
  87. LICENSE
  88. MAINTAINERS
  89. Makefile
  90. Makefile.objs
  91. Makefile.target
  92. memory.c
  93. memory_ldst.inc.c
  94. memory_mapping.c
  95. module-common.c
  96. monitor.c
  97. numa.c
  98. os-posix.c
  99. os-win32.c
  100. page_cache.c
  101. qapi-schema.json
  102. qdev-monitor.c
  103. qdict-test-data.txt
  104. qemu-bridge-helper.c
  105. qemu-doc.texi
  106. qemu-ga.texi
  107. qemu-img-cmds.hx
  108. qemu-img.c
  109. qemu-img.texi
  110. qemu-io-cmds.c
  111. qemu-io.c
  112. qemu-nbd.c
  113. qemu-nbd.texi
  114. qemu-option-trace.texi
  115. qemu-options-wrapper.h
  116. qemu-options.h
  117. qemu-options.hx
  118. qemu-seccomp.c
  119. qemu-tech.texi
  120. qemu.nsi
  121. qemu.sasl
  122. qmp.c
  123. qtest.c
  124. README
  125. replication.c
  126. replication.h
  127. rules.mak
  128. softmmu_template.h
  129. spice-qemu-char.c
  130. tcg-runtime.c
  131. tci.c
  132. thunk.c
  133. tpm.c
  134. trace-events
  135. translate-all.c
  136. translate-all.h
  137. translate-common.c
  138. user-exec-stub.c
  139. user-exec.c
  140. VERSION
  141. version.rc
  142. vl.c