xemu-project/xemu
1
0
Fork 0
mirror of https://github.com/xemu-project/xemu.git synced 2024-12-04 09:53:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
d3cdc49138
xemu/hw
History
Prasad J Pandit d3cdc49138 scsi: esp: check buffer length before reading scsi command 
The 53C9X Fast SCSI Controller(FSC) comes with an internal 16-byte
FIFO buffer. It is used to handle command and data transfer.
Routine get_cmd() in non-DMA mode, uses 'ti_size' to read scsi
command into a buffer. Add check to validate command length against
buffer size to avoid any overrun.

Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <1464717207-7549-1-git-send-email-ppandit@redhat.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-06-16 18:39:05 +02:00
..
9pfs all: Remove unnecessary glib.h includes 2016-06-07 18:19:24 +03:00
acpi acpi: make bios_linker_loader_add_checksum() API offset based 2016-06-07 15:39:27 +03:00
alpha
arm arm: xlnx-zynqmp: Add xlnx-dp and xlnx-dpdma 2016-06-14 16:01:03 +01:00
audio audio: Use DIV_ROUND_UP 2016-06-07 18:19:25 +03:00
block os-posix: include sys/mman.h 2016-06-16 18:39:03 +02:00
bt bt: rewrite csrhci_write to avoid out-of-bounds writes 2016-05-29 09:11:11 +02:00
char os-posix: include sys/mman.h 2016-06-16 18:39:03 +02:00
core qdev_try_create(): Assert that devices we put onto the system bus are SysBusDevices 2016-06-14 15:07:43 +01:00
cpu
cris hw/char: QOM'ify etraxfs_ser.c 2016-05-29 09:11:10 +02:00
display os-posix: include sys/mman.h 2016-06-16 18:39:03 +02:00
dma introduce xlnx-dpdma 2016-06-14 16:01:03 +01:00
gpio hw/gpio: QOM'ify zaurus.c 2016-06-14 15:59:13 +01:00
i2c hw/i2c-ddc.c: Implement DDC I2C slave 2016-06-14 15:59:15 +01:00
i386 os-posix: include sys/mman.h 2016-06-16 18:39:03 +02:00
ide macio: call dma_memory_unmap() at the end of each DMA transfer 2016-06-14 10:43:24 +10:00
input
intc s390x/kvm: add interface for clearing IO irqs 2016-06-14 13:34:50 +02:00
ipack
ipmi hw/ipmi: fix spelling 2016-06-07 18:02:48 +03:00
isa ICH9: fix typo 2016-06-07 18:19:23 +03:00
lm32 hw/char: QOM'ify milkymist-uart.c 2016-05-29 09:11:10 +02:00
m68k
mem pc-dimm: introduce realize callback 2016-06-07 15:39:28 +03:00
microblaze hw/char: QOM'ify xilinx_uartlite model 2016-06-06 16:59:32 +01:00
mips
misc os-posix: include sys/mman.h 2016-06-16 18:39:03 +02:00
moxie
net clean-includes: run it once more 2016-06-16 18:39:03 +02:00
nvram fw_cfg: follow CODING_STYLE 2016-06-07 18:19:23 +03:00
openrisc
pci pcie: Introduce function for DSN capability creation 2016-06-02 10:42:26 +08:00
pci-bridge
pci-host
pcmcia
ppc spapr: Ensure all LMBs are represented in ibm,dynamic-memory 2016-06-14 13:20:01 +10:00
s390x s390x: Limit s390-ccw machines to 248 CPUs 2016-06-14 14:00:05 +02:00
scsi scsi: esp: check buffer length before reading scsi command 2016-06-16 18:39:05 +02:00
sd hw/sd: QOM'ify pl181.c 2016-06-14 15:59:14 +01:00
sh4
smbios
sparc
sparc64
ssi
timer hw: Clean up includes 2016-06-07 18:19:23 +03:00
tpm
tricore
unicore32
usb os-posix: include sys/mman.h 2016-06-16 18:39:03 +02:00
vfio os-posix: include sys/mman.h 2016-06-16 18:39:03 +02:00
virtio os-posix: include sys/mman.h 2016-06-16 18:39:03 +02:00
watchdog
xen os-posix: include sys/mman.h 2016-06-16 18:39:03 +02:00
xenpv
xtensa replace muldiv64(a, b, c) by (uint64_t)a * b / c 2016-06-07 18:02:49 +03:00
Makefile.objs