xemu/hw/ppc
Thomas Huth da34fed707 hw/ppc/spapr: Fix crash when specifying bad parameters to spapr-pci-host-bridge
QEMU currently crashes when using bad parameters for the
spapr-pci-host-bridge device:

$ qemu-system-ppc64 -device spapr-pci-host-bridge,buid=0x123,liobn=0x321,mem_win_addr=0x1,io_win_addr=0x10
Segmentation fault

The problem is that spapr_tce_find_by_liobn() might return NULL, but
the code in spapr_populate_pci_dt() does not check for this condition
and then tries to dereference this NULL pointer.
Apart from that, the return value of spapr_populate_pci_dt() also
has to be checked for all PCI buses, not only for the last one, to
make sure we catch all errors.

Signed-off-by: Thomas Huth <thuth@redhat.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2016-04-23 16:52:20 +10:00
e500-ccsr.h
e500.c include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
e500.h PPC: e500 pci host: Add support for ATMUs 2015-01-07 16:16:24 +01:00
e500plat.c ppc: Clean up includes 2016-01-29 15:07:22 +00:00
mac_newworld.c util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
mac_oldworld.c util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
mac.h cuda: port SET_DEVICE_LIST command to new framework 2016-02-17 09:59:30 +11:00
Makefile.objs ppc/spapr: Implement H_RANDOM hypercall in QEMU 2015-09-23 10:51:11 +10:00
mpc8544_guts.c hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
mpc8544ds.c ppc: Clean up includes 2016-01-29 15:07:22 +00:00
ppc4xx_devs.c ppc: Clean up includes 2016-01-29 15:07:22 +00:00
ppc4xx_pci.c ppc: Clean up includes 2016-01-29 15:07:22 +00:00
ppc405_boards.c hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
ppc405_uc.c Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND 2016-03-22 22:20:17 +01:00
ppc405.h
ppc440_bamboo.c loader: Add data swap option to load-elf 2016-03-04 11:30:21 +00:00
ppc_booke.c Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND 2016-03-22 22:20:17 +01:00
ppc.c Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND 2016-03-22 22:20:17 +01:00
ppce500_spin.c ppc: Clean up includes 2016-01-29 15:07:22 +00:00
prep.c util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
spapr_drc.c spapr_drc: enable immediate detach for unsignalled devices 2016-04-05 10:47:03 +10:00
spapr_events.c spapr_drc: enable immediate detach for unsignalled devices 2016-04-05 10:47:03 +10:00
spapr_hcall.c ppc: Rework POWER7 & POWER8 exception model 2016-04-05 10:38:24 +10:00
spapr_iommu.c ppc: Clean up includes 2016-01-29 15:07:22 +00:00
spapr_pci_vfio.c hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
spapr_pci.c hw/ppc/spapr: Fix crash when specifying bad parameters to spapr-pci-host-bridge 2016-04-23 16:52:20 +10:00
spapr_rng.c hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
spapr_rtas.c spapr: Fix ibm,lrdr-capacity 2016-04-08 11:18:10 +10:00
spapr_rtc.c util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
spapr_vio.c include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
spapr.c hw/ppc/spapr: Fix crash when specifying bad parameters to spapr-pci-host-bridge 2016-04-23 16:52:20 +10:00
virtex_ml507.c loader: Add data swap option to load-elf 2016-03-04 11:30:21 +00:00