On Wed, Nov 24, 2021 at 11:15 AM Philippe Mathieu-Daudé <philmd@redhat.com>
wrote:
> Since v3:
> - Preliminary extract blk_create_empty_drive()
> - qtest checks qtest_check_clang_sanitizer() enabled
> - qtest uses null-co:// driver instead of file
>
> Philippe Mathieu-Daudé (3):
> hw/block/fdc: Extract blk_create_empty_drive()
> hw/block/fdc: Kludge missing floppy drive to fix CVE-2021-20196
> tests/qtest/fdc-test: Add a regression test for CVE-2021-20196
>
> hw/block/fdc.c | 23 ++++++++++++++++++++---
> tests/qtest/fdc-test.c | 38 ++++++++++++++++++++++++++++++++++++++
> 2 files changed, 58 insertions(+), 3 deletions(-)
>
> --
> 2.33.1
>
>
I'm testing this now. I'm going to take your word for it. If Hanna is fine
with the block-layer components of the fix, I'll probably take it, but I
will be sending a patch to remove myself as maintainer in the process,
since I don't have the time to do the "proper fix" for these devices, and
haven't for quite some time.
--js