virtio-gpu: fix information leak in getting capset info dispatch

In virgl_cmd_get_capset_info dispatch function, the 'resp' hasn't been full initialized before writing to the guest. This will leak the 'resp.padding' and 'resp.hdr.padding' fieds to the guest. This patch fix this issue. Signed-off-by: Li Qiang <liqiang6-s@360.cn> Message-id: 5818661e.0860240a.77264.7a56@mx.google.com Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
author: Li Qiang <liqiang6-s@360.cn> 2016-11-01 02:53:11 -0700
committer: Gerd Hoffmann <kraxel@redhat.com> 2016-12-05 09:37:52 +0100
commit: 42a8dadc74f8982fc269e54e3c5627b54d9f83d8 (patch)
tree: c83bb19954ac8a4f5a120ee44dc6d08aecc2d7ef
parent: 6c7565028c272c4c6f2a83c3a90b044eeaf2804a (diff)
download: qemu-42a8dadc74f8982fc269e54e3c5627b54d9f83d8.tar.gz
qemu-42a8dadc74f8982fc269e54e3c5627b54d9f83d8.tar.bz2
qemu-42a8dadc74f8982fc269e54e3c5627b54d9f83d8.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/hw/display/virtio-gpu-3d.c b/hw/display/virtio-gpu-3d.c
index 758d33a09d..23f39de94d 100644
--- a/hw/display/virtio-gpu-3d.c
+++ b/hw/display/virtio-gpu-3d.c
@@ -347,6 +347,7 @@ static void virgl_cmd_get_capset_info(VirtIOGPU *g,
 
     VIRTIO_GPU_FILL_CMD(info);
 
+    memset(&resp, 0, sizeof(resp));
     if (info.capset_index == 0) {
         resp.capset_id = VIRTIO_GPU_CAPSET_VIRGL;
         virgl_renderer_get_cap_set(resp.capset_id,
author	Li Qiang <liqiang6-s@360.cn>	2016-11-01 02:53:11 -0700
committer	Gerd Hoffmann <kraxel@redhat.com>	2016-12-05 09:37:52 +0100
commit	42a8dadc74f8982fc269e54e3c5627b54d9f83d8 (patch)
tree	c83bb19954ac8a4f5a120ee44dc6d08aecc2d7ef
parent	6c7565028c272c4c6f2a83c3a90b044eeaf2804a (diff)
download	qemu-42a8dadc74f8982fc269e54e3c5627b54d9f83d8.tar.gz qemu-42a8dadc74f8982fc269e54e3c5627b54d9f83d8.tar.bz2 qemu-42a8dadc74f8982fc269e54e3c5627b54d9f83d8.zip