Merging upstream version 7.0.16-dfsg.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-16 22:55:46 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-16 22:55:46 +0000
commit: 96647a898d62d699808316238dfb933d960413f2 (patch)
tree: 0138491ada40b7b3fcb80d4b219fa7922ae8f512 /src/VBox/VMM/VMMAll/PGMAllPhys.cpp
parent: Adding debian version 7.0.14-dfsg-4. (diff)
download: virtualbox-96647a898d62d699808316238dfb933d960413f2.tar.xz
virtualbox-96647a898d62d699808316238dfb933d960413f2.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/src/VBox/VMM/VMMAll/PGMAllPhys.cpp b/src/VBox/VMM/VMMAll/PGMAllPhys.cpp
index 457f7de0..9aa351d9 100644
--- a/src/VBox/VMM/VMMAll/PGMAllPhys.cpp
+++ b/src/VBox/VMM/VMMAll/PGMAllPhys.cpp
@@ -2504,6 +2504,11 @@ static VBOXSTRICTRC pgmPhysReadHandler(PVMCC pVM, PPGMPAGE pPage, RTGCPHYS GCPhy
 
             /* Release the PGM lock as MMIO handlers take the IOM lock. (deadlock prevention) */
             PGM_UNLOCK(pVM);
+            /* If the access origins with a device, make sure the buffer is initialized
+               as a guard against leaking heap, stack and other info via badly written
+               MMIO handling. @bugref{10651} */
+            if (enmOrigin == PGMACCESSORIGIN_DEVICE)
+                memset(pvBuf, 0xff, cb);
             rcStrict = pfnHandler(pVM, pVCpu, GCPhys, (void *)pvSrc, pvBuf, cb, PGMACCESSTYPE_READ, enmOrigin, uUser);
             PGM_LOCK_VOID(pVM);
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-16 22:55:46 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-16 22:55:46 +0000
commit	96647a898d62d699808316238dfb933d960413f2 (patch)
tree	0138491ada40b7b3fcb80d4b219fa7922ae8f512 /src/VBox/VMM/VMMAll/PGMAllPhys.cpp
parent	Adding debian version 7.0.14-dfsg-4. (diff)
download	virtualbox-96647a898d62d699808316238dfb933d960413f2.tar.xz virtualbox-96647a898d62d699808316238dfb933d960413f2.zip