I'm not sure what happened to v1 from Prasad, so since we are
at rc2 I took a simpler approach to fix this CVE: create an
empty drive to satisfy the BlockBackend API calls.

Added Alexander's reproducer along.

v1: https://lore.kernel.org/qemu-devel/20210123100345.642933-1-ppandit@redhat.com/

Alexander Bulekov (1):
  tests/qtest/fdc-test: Add a regression test for CVE-2021-20196

Philippe Mathieu-Daudé (1):
  hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196

 hw/block/fdc.c         | 14 +++++++++++++-
 tests/qtest/fdc-test.c | 21 +++++++++++++++++++++
 2 files changed, 34 insertions(+), 1 deletion(-)

-- 
2.31.1

Hi Philippe,

Apart from a nit on patch 1, all looks good, so:

Reviewed-by: Darren Kenny <darren.kenny@oracle.com>

Thanks,

Darren.

On Thursday, 2021-11-18 at 00:24:20 +01, Philippe Mathieu-Daudé wrote:
> I'm not sure what happened to v1 from Prasad, so since we are
> at rc2 I took a simpler approach to fix this CVE: create an
> empty drive to satisfy the BlockBackend API calls.
>
> Added Alexander's reproducer along.
>
> v1: https://lore.kernel.org/qemu-devel/20210123100345.642933-1-ppandit@redhat.com/
>
> Alexander Bulekov (1):
>   tests/qtest/fdc-test: Add a regression test for CVE-2021-20196
>
> Philippe Mathieu-Daudé (1):
>   hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196
>
>  hw/block/fdc.c         | 14 +++++++++++++-
>  tests/qtest/fdc-test.c | 21 +++++++++++++++++++++
>  2 files changed, 34 insertions(+), 1 deletion(-)
>
> -- 
> 2.31.1