qemu/hw/i386
Peter Maydell 32a2d6b1f6 hw/i386/amd_iommu.c: Fix corruption of log events passed to guest

In the function amdvi_log_event(), we write an event log buffer
entry into guest ram, whose contents are passed to the function
via the "uint64_t *evt" argument. Unfortunately, a spurious
'&' in the call to dma_memory_write() meant that instead of
writing the event to the guest we would write the literal value
of the pointer, plus whatever was in the following 8 bytes
on the stack. This error was spotted by Coverity.

Fix the bug by removing the '&'.

Fixes: CID 1421945
Cc: qemu-stable@nongnu.org
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <20200326105349.24588-1-peter.maydell@linaro.org>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2020-03-29 09:52:13 -04:00
kvm qdev: set properties with device_class_set_props() 2020-01-24 20:59:15 +01:00
xen qdev: set properties with device_class_set_props() 2020-01-24 20:59:15 +01:00
acpi-build.c hw/i386: Include "hw/mem/nvdimm.h" 2020-03-09 15:59:31 +01:00
acpi-build.h
amd_iommu.c hw/i386/amd_iommu.c: Fix corruption of log events passed to guest 2020-03-29 09:52:13 -04:00
amd_iommu.h
e820_memory_layout.c hw/i386/pc: Extract e820 memory layout code 2019-09-16 17:13:07 +02:00
e820_memory_layout.h hw/i386/pc: Extract e820 memory layout code 2019-09-16 17:13:07 +02:00
fw_cfg.c x86: move more x86-generic functions out of PC files 2019-12-17 19:33:50 +01:00
fw_cfg.h x86: move more x86-generic functions out of PC files 2019-12-17 19:33:50 +01:00
intel_iommu_internal.h intel_iommu: add present bit check for pasid table entries 2020-01-06 12:04:51 -05:00
intel_iommu.c hw/i386/intel_iommu: Fix out-of-bounds access on guest IRT 2020-03-16 23:02:22 +01:00
Kconfig tpm: Separate TPM_TIS and TPM_TIS_ISA configs 2020-03-05 12:18:00 -05:00
kvmvapic.c
Makefile.objs hw/i386/pc: Extract the port92 device 2019-12-17 19:33:51 +01:00
microvm.c x86/microvm: use memdev for RAM 2020-02-19 16:49:58 +00:00
multiboot.c hw/core/loader: Let load_elf() populate a field with CPU-specific flags 2020-01-29 19:28:52 +01:00
multiboot.h
pc_piix.c hw/ide: Remove unneeded inclusion of hw/ide.h 2020-03-17 12:22:36 -04:00
pc_q35.c hw/i386: Include "hw/mem/nvdimm.h" 2020-03-09 15:59:31 +01:00
pc_sysfw.c hw/i386/pc: move shared x86 functions to x86.c and export them 2019-10-22 09:38:42 +02:00
pc.c hw/i386: Rename apicid_from_topo_ids to x86_apicid_from_topo_ids 2020-03-17 19:48:10 -04:00
port92.c hw/i386/pc: Extract the port92 device 2019-12-17 19:33:51 +01:00
trace-events hw/i386/pc: Extract the port92 device 2019-12-17 19:33:51 +01:00
vmmouse.c hw/i386/vmmouse: Fix crash when using the vmmouse on a machine without vmport 2020-02-06 11:02:48 +01:00
vmport.c
x86-iommu-stub.c hw/i386/x86-iommu: Add missing stubs 2020-01-09 11:41:25 +00:00
x86-iommu.c qdev: set properties with device_class_set_props() 2020-01-24 20:59:15 +01:00
x86.c hw/i386: Update structures to save the number of nodes per package 2020-03-17 19:48:10 -04:00