From 836c53163072f0d962fc2a2c111dd14f78e5c650 Mon Sep 17 00:00:00 2001
From: Jie Deng <jie.deng@intel.com>
Date: Tue, 24 Nov 2020 15:03:07 +0800
Subject: [PATCH] dm: virtio_console: read only when the virtqueue is ready.

CVE# CVE-2021-23902
The read should not continue if the virtqueue is not ready.

Tracked-On: #5544
Signed-off-by: Jie Deng <jie.deng@intel.com>
---
 devicemodel/hw/pci/virtio/virtio_console.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/devicemodel/hw/pci/virtio/virtio_console.c b/devicemodel/hw/pci/virtio/virtio_console.c
index 00b2147e8..32a3ca81e 100644
--- a/devicemodel/hw/pci/virtio/virtio_console.c
+++ b/devicemodel/hw/pci/virtio/virtio_console.c
@@ -459,7 +459,7 @@ virtio_console_backend_read(int fd __attribute__((unused)),
 	port = be->port;
 	vq = virtio_console_port_to_vq(port, true);
 
-	if (!be->open || !port->rx_ready) {
+	if (!be->open || !port->rx_ready || !vq_ring_ready(vq)) {
 		len = read(be->fd, dummybuf, sizeof(dummybuf));
 		if (len == 0)
 			goto close;