From 6fb6f001155d2c37cd9d56ea9474e3dd11a43ca6 Mon Sep 17 00:00:00 2001 From: Markus Armbruster Date: Fri, 25 Apr 2014 18:09:47 +0200 Subject: [PATCH 30/30] ide: Correct improper smart self test counter reset in ide core. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit RH-Author: Markus Armbruster Message-id: <1398449387-17441-2-git-send-email-armbru@redhat.com> Patchwork-id: 58571 O-Subject: [PATCH 6.5 qemu-kvm 1/1] ide: Correct improper smart self test counter reset in ide core. Bugzilla: 1087979 RH-Acked-by: Laszlo Ersek RH-Acked-by: Stefan Hajnoczi RH-Acked-by: Kevin Wolf From: Benoît Canet The SMART self test counter was incorrectly being reset to zero, not 1. This had the effect that on every 21st SMART EXECUTE OFFLINE: * We would write off the beginning of a dynamically allocated buffer * We forgot the SMART history Fix this. Signed-off-by: Benoit Canet Message-id: 1397336390-24664-1-git-send-email-benoit.canet@irqsave.net Reviewed-by: Markus Armbruster Cc: qemu-stable@nongnu.org Acked-by: Kevin Wolf [PMM: tweaked commit message as per suggestions from Markus] Signed-off-by: Peter Maydell (cherry picked from commit 940973ae0b45c9b6817bab8e4cf4df99a9ef83d7) Conflicts: hw/ide/core.c CVE-2014-2894 Signed-off-by: Markus Armbruster --- hw/ide/core.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Signed-off-by: Miroslav Rezanina --- hw/ide/core.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/hw/ide/core.c b/hw/ide/core.c index 33104ed..79a94f9 100644 --- a/hw/ide/core.c +++ b/hw/ide/core.c @@ -1604,7 +1604,7 @@ void ide_exec_cmd(IDEBus *bus, uint32_t val) case 2: /* extended self test */ s->smart_selftest_count++; if(s->smart_selftest_count > 21) - s->smart_selftest_count = 0; + s->smart_selftest_count = 1; n = 2 + (s->smart_selftest_count - 1) * 24; s->smart_selftest_data[n] = s->sector; s->smart_selftest_data[n+1] = 0x00; /* OK and finished */ -- 1.7.1
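Review bot: In the `case 2` branch of ide_exec_cmd, the wrap check `if(s->smart_selftest_count > 21)` and the index `n = 2 + (s->smart_selftest_count - 1) * 24` still rest on the bare literals 21 and 24, so the bound this fix restores is never checked against the size of `smart_selftest_data`. With the reset to 1 the counter stays in 1..21 and n ranges from 2 to 482; with the old reset to 0 the expression evaluated to 2 + (0 - 1) * 24 = -22, which is the write before the start of the buffer that the commit message describes. Consider named constants for the entry count and the entry size, plus an assertion that n and the bytes written from it (`n` and `n+1` are visible here) fall inside the buffer, so a future change to either literal fails loudly instead of corrupting memory. The single-statement `if` body would also be safer with braces. Because the commit message records a conflict in hw/ide/core.c and only this case is visible in the hunk, please confirm that no other self-test case in the backported file still resets the counter to 0.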