Changeset 49846 in vbox
- Timestamp:
- Dec 9, 2013 3:41:02 PM (11 years ago)
- Location:
- trunk
- Files:
-
- 2 edited
-
include/VBox/VMMDev.h (modified) (1 diff)
-
src/VBox/Devices/VMMDev/VMMDevHGCM.cpp (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/include/VBox/VMMDev.h
r49411 r49846 119 119 /** Maximum number of HGCM parameters. */ 120 120 #define VMMDEV_MAX_HGCM_PARMS 1024 121 /** Maximum total size of hgcm buffers in one call. */ 122 #define VMMDEV_MAX_HGCM_DATA_SIZE UINT32_C(0x7FFFFFFF) 121 123 122 124 /** -
trunk/src/VBox/Devices/VMMDev/VMMDevHGCM.cpp
r49454 r49846 686 686 { 687 687 /* Only pointers with some actual data are counted. */ 688 if (pGuestParm->u.Pointer.size > VMMDEV_MAX_HGCM_DATA_SIZE - cbCmdSize) 689 { 690 rc = VERR_INVALID_PARAMETER; 691 break; 692 } 693 688 694 cbCmdSize += pGuestParm->u.Pointer.size; 689 695 … … 699 705 case VMMDevHGCMParmType_PageList: 700 706 { 707 if (pGuestParm->u.PageList.size > VMMDEV_MAX_HGCM_DATA_SIZE - cbCmdSize) 708 { 709 rc = VERR_INVALID_PARAMETER; 710 break; 711 } 712 701 713 cbCmdSize += pGuestParm->u.PageList.size; 702 714 Log(("vmmdevHGCMCall: pagelist size = %d\n", pGuestParm->u.PageList.size)); … … 738 750 { 739 751 /* Only pointers with some actual data are counted. */ 752 if (pGuestParm->u.Pointer.size > VMMDEV_MAX_HGCM_DATA_SIZE - cbCmdSize) 753 { 754 rc = VERR_INVALID_PARAMETER; 755 break; 756 } 757 740 758 cbCmdSize += pGuestParm->u.Pointer.size; 741 759 … … 751 769 case VMMDevHGCMParmType_PageList: 752 770 { 771 if (pGuestParm->u.PageList.size > VMMDEV_MAX_HGCM_DATA_SIZE - cbCmdSize) 772 { 773 rc = VERR_INVALID_PARAMETER; 774 break; 775 } 776 753 777 cbCmdSize += pGuestParm->u.PageList.size; 754 778 Log(("vmmdevHGCMCall: pagelist size = %d\n", pGuestParm->u.PageList.size));
Note:
See TracChangeset
for help on using the changeset viewer.
