- Timestamp:
- Dec 9, 2013 3:41:02 PM (11 years ago)
- File:
-
- 1 edited
-
trunk/src/VBox/Devices/VMMDev/VMMDevHGCM.cpp (modified) (4 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/VBox/Devices/VMMDev/VMMDevHGCM.cpp
r49454 r49846 686 686 { 687 687 /* Only pointers with some actual data are counted. */ 688 if (pGuestParm->u.Pointer.size > VMMDEV_MAX_HGCM_DATA_SIZE - cbCmdSize) 689 { 690 rc = VERR_INVALID_PARAMETER; 691 break; 692 } 693 688 694 cbCmdSize += pGuestParm->u.Pointer.size; 689 695 … … 699 705 case VMMDevHGCMParmType_PageList: 700 706 { 707 if (pGuestParm->u.PageList.size > VMMDEV_MAX_HGCM_DATA_SIZE - cbCmdSize) 708 { 709 rc = VERR_INVALID_PARAMETER; 710 break; 711 } 712 701 713 cbCmdSize += pGuestParm->u.PageList.size; 702 714 Log(("vmmdevHGCMCall: pagelist size = %d\n", pGuestParm->u.PageList.size)); … … 738 750 { 739 751 /* Only pointers with some actual data are counted. */ 752 if (pGuestParm->u.Pointer.size > VMMDEV_MAX_HGCM_DATA_SIZE - cbCmdSize) 753 { 754 rc = VERR_INVALID_PARAMETER; 755 break; 756 } 757 740 758 cbCmdSize += pGuestParm->u.Pointer.size; 741 759 … … 751 769 case VMMDevHGCMParmType_PageList: 752 770 { 771 if (pGuestParm->u.PageList.size > VMMDEV_MAX_HGCM_DATA_SIZE - cbCmdSize) 772 { 773 rc = VERR_INVALID_PARAMETER; 774 break; 775 } 776 753 777 cbCmdSize += pGuestParm->u.PageList.size; 754 778 Log(("vmmdevHGCMCall: pagelist size = %d\n", pGuestParm->u.PageList.size));
Note:
See TracChangeset
for help on using the changeset viewer.
