Original Xbox Emulator for Windows, macOS, and Linux (Active Development)
Stefan Weil 5a1972c847 ppc405_uc: Fix buffer overflow
Report from smatch:

ppc405_uc.c:209 dcr_read_pob(12) error: buffer overflow 'pob->besr' 2 <= 2
ppc405_uc.c:232 dcr_write_pob(12) error: buffer overflow 'pob->besr' 2 <= 2

The old code reads and writes besr[POB0_BESR1 - POB0_BESR0] or besr[2]
which is one too much.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Signed-off-by: Alexander Graf <agraf@suse.de>
2012-10-04 15:54:18 +02:00
audio audio: Fix warning from static code analysis 2012-09-23 01:34:16 +04:00
block Merge remote-tracking branch 'kwolf/for-anthony' into staging 2012-09-25 16:06:16 -05:00
bsd-user Support 'help' as a synonym for '?' in command line options 2012-08-02 13:16:42 -05:00
default-configs arm: Move some ARM devices into libhw 2012-08-13 16:13:02 +01:00
docs Spelling fixes in comments and documentation 2012-09-14 08:21:28 +01:00
fpu fpu/softfloat.c: Return correctly signed values from uint64_to_float32 2012-10-01 22:06:39 +02:00
fsdev
gdb-xml
hw ppc405_uc: Fix buffer overflow 2012-10-04 15:54:18 +02:00
include/qemu Merge remote-tracking branch 'quintela/migration-next-20120808' into staging 2012-08-13 16:02:11 -05:00
libcacard
linux-headers Update Linux kernel headers 2012-10-01 08:04:22 -05:00
linux-user Merge remote-tracking branch 'stefanha/trivial-patches' into staging 2012-09-25 16:06:16 -05:00
net net/socket: Fix compiler warning (regression for MinGW) 2012-09-23 07:37:41 +01:00
pc-bios Update OpenBIOS PPC image 2012-08-28 20:38:39 +02:00
qapi qapi: Fix memory leak 2012-08-20 11:05:08 -03:00
qga build: Fix linking failure for qemu-ga 2012-07-29 08:41:53 +00:00
QMP Add support for pretty-printing response in qmp-shell 2012-09-05 15:48:56 -03:00
qom qom: object_delete should unparent the object first 2012-08-23 20:19:59 -05:00
roms Update OpenBIOS PPC image 2012-08-28 20:38:39 +02:00
scripts Update kernel header script to include vfio 2012-10-01 08:04:22 -05:00
slirp slirp: Implement TFTP Blocksize option 2012-09-14 00:26:55 +02:00
sysconfigs/target Eliminate cpus-x86_64.conf file 2012-09-21 15:12:58 +02:00
target-alpha Emit debug_insn for CPU_LOG_TB_OP_OPT as well. 2012-09-27 21:38:50 +02:00
target-arm Emit debug_insn for CPU_LOG_TB_OP_OPT as well. 2012-09-27 21:38:50 +02:00
target-cris Emit debug_insn for CPU_LOG_TB_OP_OPT as well. 2012-09-27 21:38:50 +02:00
target-i386 x86: Implement SMEP and SMAP 2012-10-01 08:04:22 -05:00
target-lm32 Emit debug_insn for CPU_LOG_TB_OP_OPT as well. 2012-09-27 21:38:50 +02:00
target-m68k target-m68k: Call tcg_gen_debug_insn_start 2012-09-27 21:38:50 +02:00
target-microblaze Emit debug_insn for CPU_LOG_TB_OP_OPT as well. 2012-09-27 21:38:50 +02:00
target-mips Emit debug_insn for CPU_LOG_TB_OP_OPT as well. 2012-09-27 21:38:50 +02:00
target-openrisc Emit debug_insn for CPU_LOG_TB_OP_OPT as well. 2012-09-27 21:38:50 +02:00
target-ppc target-ppc: KVM: Fix some kernel version edge cases for kvmppc_reset_htab() 2012-10-04 15:54:18 +02:00
target-s390x target-s390x: Tidy cpu_dump_state 2012-09-27 21:44:37 +02:00
target-sh4 Emit debug_insn for CPU_LOG_TB_OP_OPT as well. 2012-09-27 21:38:50 +02:00
target-sparc Emit debug_insn for CPU_LOG_TB_OP_OPT as well. 2012-09-27 21:38:50 +02:00
target-unicore32 target-unicore32: Call tcg_gen_debug_insn_start 2012-09-27 21:44:28 +02:00
target-xtensa Emit debug_insn for CPU_LOG_TB_OP_OPT as well. 2012-09-27 21:38:50 +02:00
tcg tci: Fix for AREG0 free mode 2012-09-27 21:28:25 +02:00
tests qemu-iotests: add backing file smaller than image test case 2012-08-29 15:23:35 +02:00
trace trace/simple: Replace asprintf by g_strdup_printf 2012-08-14 13:19:57 +01:00
ui Separate inet_connect into inet_connect (blocking) and inet_nonblocking_connect 2012-09-25 19:05:55 -05:00
.exrc qemu: add .exrc 2012-09-07 09:02:44 +03:00
.gitignore
.gitmodules
.mailmap
a.out.h
acl.c
acl.h
aes.c
aes.h
aio.c
alpha-dis.c
alpha.ld
arch_init.c Eliminate cpus-x86_64.conf file 2012-09-21 15:12:58 +02:00
arch_init.h win32: provide separate macros for weak decls and definitions 2012-08-15 13:26:03 -05:00
arm-dis.c
arm.ld
async.c
balloon.c
balloon.h
bitmap.c
bitmap.h
bitops.c
bitops.h bitops: drop volatile qualifier 2012-08-04 15:51:23 +00:00
block_int.h block: remove keep_read_only flag from BlockDriverState struct 2012-09-24 15:15:13 +02:00
block-migration.c savevm: split save_live into stage2 and stage3 2012-07-20 08:19:27 +02:00
block-migration.h
block.c block: remove keep_read_only flag from BlockDriverState struct 2012-09-24 15:15:13 +02:00
block.h block: Framework for reopening files safely 2012-09-24 15:15:11 +02:00
blockdev.c blockdev: preserve readonly and snapshot states across media changes 2012-09-24 15:15:11 +02:00
blockdev.h
bswap.h
bt-host.c
bt-host.h
bt-vhci.c
buffered_file.c
buffered_file.h
cache-utils.c
cache-utils.h
Changelog
cmd.c
cmd.h
CODING_STYLE
compatfd.c
compatfd.h
compiler.h w32: Always use standard instead of native format strings 2012-09-23 07:39:22 +01:00
config.h
configure configure: Allow builds without any system or user emulation 2012-09-25 18:44:34 -05:00
console.c TextConsole: saturate escape parameter in TTY_STATE_CSI 2012-09-23 07:11:28 +01:00
console.h qapi: convert screendump 2012-09-05 15:48:57 -03:00
COPYING
COPYING.LIB
coroutine-gthread.c
coroutine-sigaltstack.c
coroutine-ucontext.c configure: Split valgrind test into pragma test and valgrind.h test 2012-07-31 20:04:42 +00:00
coroutine-win32.c
cpu-all.h Remove unused CONFIG_TCG_PASS_AREG0 and dead code 2012-09-15 17:51:14 +00:00
cpu-common.h
cpu-defs.h cpu: Move thread_kicked to CPUState 2012-08-02 18:12:17 +02:00
cpu-exec.c Revert "i8259: add -no-spurious-interrupt-hack option" 2012-08-27 18:33:12 +04:00
cpus.c Drop cpu_list_id macro 2012-09-21 15:12:58 +02:00
cpus.h
cputlb.c Remove unused CONFIG_TCG_PASS_AREG0 and dead code 2012-09-15 17:51:14 +00:00
cputlb.h
cris-dis.c
cursor_hidden.xpm
cursor_left_ptr.xpm
cursor.c
cutils.c block: Enable qemu_open/close to work with fd sets 2012-08-15 13:16:22 +02:00
def-helper.h tcg: Fix MAX_OPC_PARAM_IARGS 2012-09-15 15:34:27 +00:00
device_tree.c device_tree: Add support for reading device tree properties 2012-07-20 13:34:50 +01:00
device_tree.h device_tree: Add support for reading device tree properties 2012-07-20 13:34:50 +01:00
dis-asm.h
disas.c tcg-sparc: Assume v9 cpu always, i.e. force v8plus in 32-bit mode. 2012-09-21 22:02:16 +02:00
disas.h
dma-helpers.c dma: Fix stupid typo/thinko 2012-08-16 13:41:16 -05:00
dma.h Avoid returning void 2012-07-28 09:23:11 +00:00
dump-stub.c
dump.c
dump.h
elf.h target-or32: Add target stubs and QOM cpu 2012-07-27 21:12:55 +00:00
envlist.c
envlist.h
error.c error, qerror: drop QDict member 2012-08-13 14:17:53 -03:00
error.h error: add error_setg() 2012-09-05 15:48:57 -03:00
event_notifier.c
event_notifier.h
exec-all.h tcg-sparc: Fix and enable direct TB chaining. 2012-09-21 22:02:20 +02:00
exec-memory.h
exec-obsolete.h
exec.c tcg-sparc: Assume v9 cpu always, i.e. force v8plus in 32-bit mode. 2012-09-21 22:02:16 +02:00
gdbstub.c target-xtensa: add FP registers 2012-09-22 17:59:12 +00:00
gdbstub.h
gen-icount.h
HACKING
hmp-commands.hx qapi: convert screendump 2012-09-05 15:48:57 -03:00
hmp.c Merge branch 'spice.v59' of git://anongit.freedesktop.org/spice/qemu 2012-09-10 15:32:11 +02:00
hmp.h qapi: convert screendump 2012-09-05 15:48:57 -03:00
host-utils.c
host-utils.h
hppa-dis.c
hppa.ld
i386-dis.c
i386.ld
ia64-dis.c
ia64.ld
input.c qapi: convert sendkey 2012-09-05 15:48:57 -03:00
int128.h
iohandler.c qemu-char: BUGFIX, don't call FD_ISSET with negative fd 2012-09-17 10:18:48 -05:00
ioport.c
ioport.h
iorange.h
iov.c iov_send_recv(): Handle zero bytes case even if OS does not 2012-08-15 15:21:33 +01:00
iov.h
json-lexer.c
json-lexer.h
json-parser.c json-parser: don't replicate tokens at each level of recursion 2012-08-16 13:41:15 -05:00
json-parser.h
json-streamer.c
json-streamer.h
kvm-all.c Merge remote-tracking branch 'stefanha/trivial-patches' into staging 2012-09-17 10:21:42 -05:00
kvm-stub.c kvm: Clean up irqfd API 2012-09-09 17:03:09 +03:00
kvm.h kvm: Introduce kvm_has_intx_set_mask 2012-09-10 15:29:51 +03:00
libfdt_env.h
LICENSE
linux-aio.c
lm32-dis.c
m68k-dis.c
m68k.ld
main-loop.c
main-loop.h
MAINTAINERS MAINTAINERS: Document virtex_ml507 machine 2012-10-04 15:54:16 +02:00
Makefile configure: Allow builds without any system or user emulation 2012-09-25 18:44:34 -05:00
Makefile.dis build: get dependency file directories from object file names 2012-07-28 09:16:09 +00:00
Makefile.hw build: get dependency file directories from object file names 2012-07-28 09:16:09 +00:00
Makefile.objs Adding support for libseccomp in configure and Makefile (v8) 2012-08-16 13:41:16 -05:00
Makefile.target Remove unused CONFIG_TCG_PASS_AREG0 and dead code 2012-09-15 17:51:14 +00:00
Makefile.user build: get dependency file directories from object file names 2012-07-28 09:16:09 +00:00
memory_mapping-stub.c
memory_mapping.c
memory_mapping.h
memory.c memory: Flush coalesced MMIO on mapping and state changes 2012-09-11 18:15:34 -03:00
memory.h Merge remote-tracking branch 'stefanha/trivial-patches' into staging 2012-09-17 10:21:42 -05:00
microblaze-dis.c
migration-exec.c
migration-fd.c
migration-tcp.c Fix address handling in inet_nonblocking_connect 2012-09-25 19:05:56 -05:00
migration-unix.c
migration.c Clear handler only for valid fd 2012-09-25 19:05:56 -05:00
migration.h Add XBZRLE statistics 2012-08-08 13:51:12 +02:00
mips-dis.c
mips.ld
module.c
module.h
monitor.c Merge remote-tracking branch 'mst/tags/for_anthony' into staging 2012-09-10 12:48:43 -05:00
monitor.h Merge remote-tracking branch 'mst/tags/for_anthony' into staging 2012-09-10 12:48:43 -05:00
nbd.c Separate inet_connect into inet_connect (blocking) and inet_nonblocking_connect 2012-09-25 19:05:55 -05:00
nbd.h nbd: add nbd_export_get_blockdev 2012-09-19 15:26:31 +02:00
net.c net: add receive_disabled logic to iov delivery path 2012-09-14 08:40:32 +01:00
net.h monitor: Rename+move net_handle_fd_param -> monitor_handle_fd_param 2012-09-07 09:15:08 +03:00
notify.c
notify.h
os-posix.c curses: don't initialize curses when qemu is daemonized 2012-09-23 07:11:28 +01:00
os-win32.c
osdep.c osdep: Fix compilation failure on BSD systems 2012-08-16 13:41:16 -05:00
osdep.h memory: add -machine dump-guest-core=on|off 2012-08-16 13:41:15 -05:00
oslib-posix.c
oslib-win32.c w32: Add implementation of gmtime_r, localtime_r 2012-09-23 17:09:30 +00:00
page_cache.c Add cache handling functions 2012-08-08 13:51:12 +02:00
path.c
pci-ids.txt
pflib.c
pflib.h
poison.h target-or32: Add target stubs and QOM cpu 2012-07-27 21:12:55 +00:00
posix-aio-compat.c
ppc64.ld
ppc-dis.c
ppc.ld
qapi-schema-guest.json qapi: Fix enumeration typo error 2012-09-14 08:21:29 +01:00
qapi-schema-test.json
qapi-schema.json Merge remote-tracking branch 'kwolf/for-anthony' into staging 2012-09-17 10:23:15 -05:00
qbool.c
qbool.h
qdict-test-data.txt
qdict.c
qdict.h
qemu_socket.h Fix address handling in inet_nonblocking_connect 2012-09-25 19:05:56 -05:00
qemu-aio.h
qemu-barrier.h
qemu-bridge-helper.c net: Add interface to bridge when SIOCBRADDIF isn't available 2012-08-01 12:28:51 +01:00
qemu-char.c Fix address handling in inet_nonblocking_connect 2012-09-25 19:05:56 -05:00
qemu-char.h
qemu-common.h net/socket: Fix compiler warning (regression for MinGW) 2012-09-23 07:37:41 +01:00
qemu-config.c add a boot parameter to set reboot timeout 2012-09-25 20:05:04 -05:00
qemu-config.h Command line support for seccomp with -sandbox (v8) 2012-08-16 13:41:16 -05:00
qemu-coroutine-int.h
qemu-coroutine-io.c
qemu-coroutine-lock.c
qemu-coroutine-sleep.c
qemu-coroutine.c
qemu-coroutine.h
qemu-doc.texi iscsi: Pick default initiator-name based on the name of the VM 2012-08-09 15:04:09 +02:00
qemu-error.c
qemu-error.h
qemu-file.h
qemu-ga.c qemu-ga: Remove unreachable code after g_error 2012-09-23 07:11:28 +01:00
qemu-img-cmds.hx qemu-img: Add json output option to the info command. 2012-09-12 15:50:09 +02:00
qemu-img.c Merge remote-tracking branch 'kwolf/for-anthony' into staging 2012-09-17 10:23:15 -05:00
qemu-img.texi Merge remote-tracking branch 'kwolf/for-anthony' into staging 2012-09-17 10:23:15 -05:00
qemu-io.c qemu-io: add "abort" command to simulate program crash 2012-08-06 22:39:14 +02:00
qemu-lock.h
qemu-log.c
qemu-log.h
qemu-nbd.c qemu-nbd: rewrite termination conditions to use a state machine 2012-09-19 15:26:29 +02:00
qemu-nbd.texi
qemu-objects.h
qemu-option-internal.h expose QemuOpt and QemuOpts struct definitions to interested parties 2012-07-23 11:55:17 +01:00
qemu-option.c Support 'help' as a synonym for '?' in command line options 2012-08-02 13:16:42 -05:00
qemu-option.h Support 'help' as a synonym for '?' in command line options 2012-08-02 13:16:42 -05:00
qemu-options-wrapper.h
qemu-options.h
qemu-options.hx add a boot parameter to set reboot timeout 2012-09-25 20:05:04 -05:00
qemu-os-posix.h curses: don't initialize curses when qemu is daemonized 2012-09-23 07:11:28 +01:00
qemu-os-win32.h Merge remote-tracking branch 'stefanha/trivial-patches' into staging 2012-09-25 16:06:16 -05:00
qemu-progress.c
qemu-queue.h
qemu-seccomp.c Adding qemu-seccomp.[ch] (v8) 2012-08-16 13:41:16 -05:00
qemu-seccomp.h Adding qemu-seccomp.[ch] (v8) 2012-08-16 13:41:16 -05:00
qemu-sockets.c Fix address handling in inet_nonblocking_connect 2012-09-25 19:05:56 -05:00
qemu-tech.texi doc: Fix indefinite article an -> a before nouns that begin with 'h' 2012-07-17 15:40:14 -05:00
qemu-thread-posix.c qemu-thread: Let qemu_thread_is_self() return bool 2012-08-02 18:11:11 +02:00
qemu-thread-posix.h
qemu-thread-win32.c qemu-thread: Let qemu_thread_is_self() return bool 2012-08-02 18:11:11 +02:00
qemu-thread-win32.h
qemu-thread.h qemu-thread: Let qemu_thread_is_self() return bool 2012-08-02 18:11:11 +02:00
qemu-timer-common.c
qemu-timer.c qemu-timer: simplify qemu_run_timers 2012-09-23 07:11:29 +01:00
qemu-timer.h tcg-sparc: Assume v9 cpu always, i.e. force v8plus in 32-bit mode. 2012-09-21 22:02:16 +02:00
qemu-tls.h
qemu-tool.c block: Enable qemu_open/close to work with fd sets 2012-08-15 13:16:22 +02:00
qemu-user.c block: Enable qemu_open/close to work with fd sets 2012-08-15 13:16:22 +02:00
qemu-x509.h
qemu-xattr.h
qemu.sasl
qerror.c error, qerror: drop QDict member 2012-08-13 14:17:53 -03:00
qerror.h error, qerror: drop QDict member 2012-08-13 14:17:53 -03:00
qfloat.c
qfloat.h
qint.c
qint.h
qjson.c
qjson.h
qlist.c qlist: add qlist_size() 2012-08-16 13:41:15 -05:00
qlist.h qlist: add qlist_size() 2012-08-16 13:41:15 -05:00
qmp-commands.hx qapi: convert screendump 2012-09-05 15:48:57 -03:00
qmp.c win32: provide separate macros for weak decls and definitions 2012-08-15 13:26:03 -05:00
qobject.h json-parser: Fix potential NULL pointer segfault 2012-09-05 15:48:57 -03:00
qstring.c
qstring.h
qtest.c
qtest.h
range.h
readline.c
readline.h
README
rules.mak Support using a different compiler for Objective-C files 2012-08-16 13:41:15 -05:00
s390-dis.c
s390.ld
savevm.c Merge remote-tracking branch 'agraf/ppc-for-upstream' into staging 2012-08-15 14:59:21 -05:00
sh4-dis.c
softmmu_defs.h Remove unused CONFIG_TCG_PASS_AREG0 and dead code 2012-09-15 17:51:14 +00:00
softmmu_exec.h
softmmu_header.h Remove unused CONFIG_TCG_PASS_AREG0 and dead code 2012-09-15 17:51:14 +00:00
softmmu_template.h Remove unused CONFIG_TCG_PASS_AREG0 and dead code 2012-09-15 17:51:14 +00:00
softmmu-semi.h softmmu-semi: fix lock_user* functions not to deref NULL upon OOM 2012-08-22 10:47:14 -05:00
sparc64.ld
sparc-dis.c
sparc.ld
spice-qemu-char.c
sysemu.h Cleanup unused global var qemu_system_powerdown 2012-09-25 18:37:41 -05:00
targphys.h
tcg-runtime.c
tci-dis.c
tci.c tci: Fix for AREG0 free mode 2012-09-27 21:28:25 +02:00
thunk.c
thunk.h
TODO
trace-events Merge branch 'usb.65' of git://git.kraxel.org/qemu 2012-09-21 19:53:26 +02:00
translate-all.c
uboot_image.h
user-exec.c Remove unused CONFIG_TCG_PASS_AREG0 and dead code 2012-09-15 17:51:14 +00:00
VERSION Open up 1.3 development tree 2012-09-05 11:44:53 -05:00
version.rc
vgafont.h
vl.c add a boot parameter to set reboot timeout 2012-09-25 20:05:04 -05:00
vmstate.h vmstate: add VMSTATE_TIMER_V 2012-09-10 13:52:28 -05:00
x86_64.ld
xen-all.c xen-all.c: fix multiply issue for int and uint types 2012-08-22 10:17:43 +00:00
xen-mapcache.c Fix invalidate if memory requested was not bucket aligned 2012-08-22 10:17:04 +00:00
xen-mapcache.h
xen-stub.c

Read the documentation in qemu-doc.html or on http://wiki.qemu.org

- QEMU team