xemu-project/xemu
1
0
Fork 0
mirror of https://github.com/xemu-project/xemu.git synced 2025-02-22 21:42:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
xemu/hw
History
Jason Wang fdc89e90fa ne2000: fix possible out of bound access in ne2000_receive 
In ne2000_receive(), we try to assign size_ to size which converts
from size_t to integer. This will cause troubles when size_ is greater
INT_MAX, this will lead a negative value in size and it can then pass
the check of size < MIN_BUF_SIZE which may lead out of bound access of
for both buf and buf1.

Fixing by converting the type of size to size_t.

CC: qemu-stable@nongnu.org
Reported-by: Daniel Shapira <daniel@twistlock.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2018-10-19 11:15:04 +08:00
..
9pfs
9p: darwin: Explicitly cast comparisons of mode_t with -1
2018-06-29 12:32:10 +02:00
acpi
pci, pc, virtio: fixes, features
2018-09-24 18:49:11 +01:00
adc
Include qapi/error.h exactly where needed
2018-02-09 13:50:17 +01:00
alpha
change get_image_size return type to int64_t
2018-10-02 19:08:49 +02:00
arm
hw/arm/virt: add DT property /secure-chosen/stdout-path indicating secure UART
2018-10-16 16:15:01 +01:00
audio
es1370: fix ADC_FRAMEADR and ADC_FRAMECNT
2018-10-02 18:47:55 +02:00
block
block: Remove deprecated -drive option serial
2018-08-15 12:50:39 +02:00
bt
hw/bt: Replace fprintf(stderr, "*\n" with error_report()
2018-01-22 09:51:00 +01:00
char
chardev: mark the calls that allow an implicit mux monitor
2018-10-03 14:45:05 +04:00
core
hw/core/generic-loader: Compile only once, not for each target
2018-10-17 08:45:37 +02:00
cpu
hw/cpu/a15mpcore: If CPU has EL2, enable it on the GIC and wire it up
2018-08-24 13:17:34 +01:00
cris
hw/cris: Use the IEC binary prefix definitions
2018-07-02 15:41:15 +02:00
display
hw/display/cirrus_vga: Move "isa-cirrus-vga" device into a separate file
2018-10-15 09:57:33 +02:00
dma
hw/dma/pl080: Remove hw_error() if DMA is enabled
2018-08-20 11:24:33 +01:00
gpio
hw/i2c: Use DeviceClass::realize instead of I2CSlaveClass::init
2018-06-01 15:14:31 +02:00
hppa
change get_image_size return type to int64_t
2018-10-02 19:08:49 +02:00
i2c
i2c: switch ddc to use the new edid generator
2018-10-15 09:57:33 +02:00
i386
kvmclock: run KVM_KVMCLOCK_CTRL ioctl in vcpu thread
2018-10-02 19:09:13 +02:00
ide
replay: replay BH for IDE trim operation
2018-10-02 19:09:13 +02:00
input
ps2: prevent changing irq state on save and load
2018-10-02 18:47:55 +02:00
intc
hw/intc/arm_gic: Drop GIC_BASE_IRQ macro
2018-09-25 15:13:24 +01:00
ipack
hw/ipack: Use the IEC binary prefix definitions
2018-07-02 15:41:12 +02:00
ipmi
ipmi: Use proper struct reference for BT vmstate
2018-08-23 18:46:25 +02:00
isa
i2c: pm_smbus: Add the ability to force block transfer enable
2018-08-23 18:46:25 +02:00
lm32
hw/lm32: Use the IEC binary prefix definitions
2018-07-02 15:41:15 +02:00
m68k
hw/m68k: Use the IEC binary prefix definitions
2018-07-02 15:41:14 +02:00
mem
pc-dimm: assign and verify the "addr" property during pre_plug
2018-08-23 18:46:25 +02:00
microblaze
hw/microblaze/xlnx-zynqmp-pmu: Fix introspection problem in 'xlnx, zynqmp-pmu-soc'
2018-07-23 15:21:25 +01:00
mips
change get_image_size return type to int64_t
2018-10-02 19:08:49 +02:00
misc
ivshmem: Fix unplug of device "ivshmem-plain"
2018-10-10 08:01:36 +02:00
moxie
change get_image_size return type to int64_t
2018-10-02 19:08:49 +02:00
net
ne2000: fix possible out of bound access in ne2000_receive
2018-10-19 11:15:04 +08:00
nios2
hw/nios2: Use the IEC binary prefix definitions
2018-07-02 15:41:15 +02:00
nvram
hw/nvram/fw_cfg: Use memberwise copy of MemoryRegionOps struct
2018-10-02 19:09:14 +02:00
openrisc
Change references to serial_hds[] to serial_hd()
2018-04-26 13:57:00 +01:00
pci
qmp, hmp: make subsystem/system-vendor identities optional
2018-10-11 19:58:26 +01:00
pci-bridge
hw/pci: add PCI resource reserve capability to legacy PCI bridge
2018-09-07 17:05:18 -04:00
pci-host
ppc patch queue 2018-09-25
2018-09-25 13:30:45 +01:00
pcmcia
ppc
ppc patch queue 2018-09-25
2018-09-25 13:30:45 +01:00
rdma
config: split PVRDMA from RDMA
2018-08-18 18:01:34 +03:00
riscv
Error reporting & miscellaneous patches for 2018-09-24
2018-09-25 11:37:39 +01:00
s390x
hw/s390x: Include the tod-qemu also for builds with --disable-tcg
2018-10-12 11:32:19 +02:00
scsi
hw/scsi/mptendian: Avoid taking address of fields in packed structs
2018-10-02 19:09:14 +02:00
sd
sdhci: add i.MX SD Stable Clock bit
2018-08-20 11:24:32 +01:00
sh4
hw/sh4: Use the IEC binary prefix definitions
2018-07-02 15:41:15 +02:00
smbios
hw/smbios: Use the IEC binary prefix definitions
2018-07-02 15:41:12 +02:00
sparc
sun4m: don't use legacy fw_cfg_init_mem() function
2018-08-20 19:18:31 +01:00
sparc64
sun4u: implement custom FWPathProvider
2018-09-14 09:18:11 +01:00
ssi
aspeed/smc: fix some alignment issues
2018-09-25 15:13:24 +01:00
timer
aspeed/timer: fix compile breakage with clang 3.4.2
2018-09-25 15:13:24 +01:00
tpm
tpm: extend TPM TIS with state migration support
2018-05-24 12:07:04 -04:00
tricore
hw/tricore: Use the IEC binary prefix definitions
2018-07-02 15:41:14 +02:00
unicore32
hw/input/i8042: Extract declarations from i386/pc.h into input/i8042.h
2018-03-12 16:12:48 +01:00
usb
ohci: set effectively usb frame rate to 1kHz
2018-10-01 10:49:54 +02:00
vfio
vfio-pci: make vfio-pci device more QOM conventional
2018-10-15 11:22:29 -06:00
virtio
clean up callback when del virtqueue
2018-10-19 11:15:03 +08:00
watchdog
qapi: Drop qapi_event_send_FOO()'s Error ** argument
2018-08-28 18:21:38 +02:00
xen
xen: Don't use memory_region_init_ram_nomigrate() in pci_assign_dev_load_option_rom()
2018-06-22 13:28:42 +01:00
xenpv
hw/xen: Use the IEC binary prefix definitions
2018-07-02 15:41:13 +02:00
xtensa
hw/xtensa: Use the IEC binary prefix definitions
2018-07-02 15:41:14 +02:00
Makefile.objs
hw: allow compiling out SCSI
2018-06-01 15:14:31 +02:00