mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
staging-9.0
qemu/hw/display
History
Marc-André Lureau 0ba0827f21 ui/win32: fix potential use-after-free with dbus shared memory 
DisplaySurface may be free before the pixman image is freed, since the
image is refcounted and used by different objects, including pending
dbus messages.

Furthermore, setting the destroy function in
create_displaysurface_from() isn't appropriate, as it may not be used,
and may be overriden as in ramfb.

Set the destroy function when the shared handle is set, use the HANDLE
directly for destroy data, using a single common helper
qemu_pixman_win32_image_destroy().

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Akihiko Odaki <akihiko.odaki@daynix.com>
Message-ID: <20241008125028.1177932-5-marcandre.lureau@redhat.com>
(cherry picked from commit 330ef31deb)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2024-11-08 13:02:57 +03:00
..
acpi-vga-stub.c acpi: pc: vga: use AcpiDevAmlIf interface to build VGA device descriptors 2022-11-07 14:00:29 -05:00
acpi-vga.c acpi: pc: vga: use AcpiDevAmlIf interface to build VGA device descriptors 2022-11-07 14:00:29 -05:00
artist.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
ati_2d.c hw/display/ati: allow compiling without PIXMAN 2023-11-07 14:04:25 +04:00
ati_dbg.c ati-vga: Add 30 bit palette access register 2023-11-06 15:58:43 +04:00
ati_int.h ati-vga: Implement fallback for pixman routines 2023-11-06 15:58:45 +04:00
ati_regs.h ati-vga: Add 30 bit palette access register 2023-11-06 15:58:43 +04:00
ati.c bulk: Access existing variables initialized to &S->F when available 2024-03-12 11:46:16 +01:00
bcm2835_fb.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
blizzard.c hw/display: fix tab indentation 2022-11-08 10:23:32 +01:00
bochs-display.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
cg3.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
cirrus_vga_internal.h hw/display/cirrus_vga: Move "isa-cirrus-vga" device into a separate file 2018-10-15 09:57:33 +02:00
cirrus_vga_isa.c display: include dependencies explicitly 2022-11-10 10:17:18 -05:00
cirrus_vga_rop2.h cirrus: fix PUTPIXEL macro 2017-03-27 12:14:45 +02:00
cirrus_vga_rop.h cirrus: fix off-by-one in cirrus_bitblt_rop_bkwd_transp_*_16 2017-03-17 10:23:44 +01:00
cirrus_vga.c vga: implement horizontal pel panning in graphics modes 2024-01-18 10:43:13 +01:00
dpcd.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
edid-generate.c edid: Fix clock of Detailed Timing Descriptor 2022-03-04 11:31:46 +01:00
edid-region.c Include exec/memory.h slightly less 2019-08-16 13:31:52 +02:00
exynos4210_fimd.c hw/display/exynos4210_fimd: Pass frame buffer memory region as link 2024-02-26 18:40:09 +01:00
framebuffer.c Include hw/hw.h exactly where needed 2019-08-16 13:31:52 +02:00
framebuffer.h framebuffer: set DIRTY_MEMORY_VGA on RAM that is used for the framebuffer 2015-07-24 13:57:45 +02:00
g364fb.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
i2c-ddc.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
jazz_led.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
Kconfig mips: do not list individual devices from configs/ 2024-03-08 15:51:22 +01:00
macfb.c hw/display/macfb: Fix missing ERRP_GUARD() in macfb_nubus_realize() 2024-03-12 11:45:33 +01:00
meson.build configure, meson: rename targetos to host_os 2023-12-31 09:11:29 +01:00
next-fb.c hw/display/next-fb: Fix comment typo 2022-12-03 22:07:07 +01:00
omap_dss.c hw/arm/omap: Drop useless casts from void * to pointer 2023-01-12 17:15:09 +00:00
omap_lcdc.c hw/arm/omap: Drop useless casts from void * to pointer 2023-01-12 17:15:09 +00:00
pl110_template.h Replace config-time define HOST_WORDS_BIGENDIAN 2022-04-06 10:50:37 +02:00
pl110.c hw/display/pl110: Pass frame buffer memory region as link property 2024-02-26 18:39:58 +01:00
pxa2xx_lcd.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
qxl-logger.c hw/display/qxl: Pass requested buffer size to qxl_phys2virt() 2022-11-29 18:15:26 -05:00
qxl-render.c ui: rename cursor_{put->unref} 2023-03-13 22:57:39 +04:00
qxl.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
qxl.h Replace "iothread lock" with "BQL" in comments 2024-01-08 10:45:43 -05:00
ramfb-standalone.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
ramfb.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
sii9022.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
sm501.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
ssd0303.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
ssd0323.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
tc6393xb.c Use g_new() & friends where that makes obvious sense 2022-03-21 15:44:44 +01:00
tcx.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
trace-events ui/spice: QXLInterface method set_mm_time() is now dead, drop 2023-01-19 13:30:01 +01:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
vga_int.h vga: implement horizontal pel panning in graphics modes 2024-01-18 10:43:13 +01:00
vga_regs.h vga: sort-of implement word and double-word access modes 2024-01-18 10:43:14 +01:00
vga-access.h vga: move access helpers to separate include file 2019-09-19 10:37:46 +02:00
vga-helpers.h vga: optimize horizontal pel panning in 256-color modes 2024-01-18 10:43:14 +01:00
vga-isa.c docs/specs/standard-vga: Convert to rST 2023-11-02 12:52:06 +00:00
vga-mmio.c display: include dependencies explicitly 2022-11-10 10:17:18 -05:00
vga-pci.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
vga.c stdvga: fix screen blanking 2024-06-20 10:04:31 +03:00
vhost-user-gpu-pci.c modules: introduces module_kconfig directive 2022-06-06 09:26:53 +02:00
vhost-user-gpu.c hw/display/vhost-user-gpu.c: fix vhost_user_gpu_chr_read() 2024-09-12 09:01:40 +03:00
vhost-user-vga.c modules: introduces module_kconfig directive 2022-06-06 09:26:53 +02:00
virtio-dmabuf.c hw/display: fix memleak from virtio_add_resource 2023-10-22 05:18:16 -04:00
virtio-gpu-base.c Fix bugs when VM shutdown with virtio-gpu unplugged 2023-12-26 04:51:07 -05:00
virtio-gpu-gl.c modules: introduces module_kconfig directive 2022-06-06 09:26:53 +02:00
virtio-gpu-pci-gl.c modules: introduces module_kconfig directive 2022-06-06 09:26:53 +02:00
virtio-gpu-pci-rutabaga.c virtio-gpu-rutabaga: Add empty interface to fix arm64 crash 2023-11-06 14:25:30 +04:00
virtio-gpu-pci.c virtio-gpu: hostmem 2023-10-16 11:29:56 +04:00
virtio-gpu-rutabaga.c virtio-gpu-rutabaga.c: override resource_destroy method 2024-02-14 06:17:44 -05:00
virtio-gpu-udmabuf-stubs.c virtio-gpu: splitting one extended mode guest fb into n-scanouts 2021-11-05 12:29:19 +01:00
virtio-gpu-udmabuf.c virtio-gpu-udmabuf: correct naming of QemuDmaBuf size properties 2023-07-17 15:22:28 +04:00
virtio-gpu-virgl.c virtio-gpu: Correct virgl_renderer_resource_get_info() error check 2024-02-14 06:09:33 -05:00
virtio-gpu.c ui/win32: fix potential use-after-free with dbus shared memory 2024-11-08 13:02:57 +03:00
virtio-vga-gl.c modules: introduces module_kconfig directive 2022-06-06 09:26:53 +02:00
virtio-vga-rutabaga.c gfxstream + rutabaga: add initial support for gfxstream 2023-10-16 11:29:56 +04:00
virtio-vga.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
virtio-vga.h hw/display/virtio-vga: Convert TYPE_VIRTIO_VGA_BASE to 3-phase reset 2022-12-16 15:59:07 +00:00
vmware_vga.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00
xenfb.c ui/input: Constify QemuInputHandler structure 2023-10-19 23:13:28 +02:00
xlnx_dp.c hw/display: Constify VMState 2023-12-29 11:17:30 +11:00