mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4e68a0ee17
qemu/hw/display
History
Gerd Hoffmann 4e68a0ee17 vmsvga: don't process more than 1024 fifo commands at once 
vmsvga_fifo_run is called in regular intervals (on each display update)
and will resume where it left off.  So we can simply exit the loop,
without having to worry about how processing will continue.

Fixes: CVE-2016-4453
Cc: qemu-stable@nongnu.org
Cc: P J P <ppandit@redhat.com>
Reported-by: 李强 <liqiang6-s@360.cn>
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Message-id: 1464592161-18348-5-git-send-email-kraxel@redhat.com
2016-06-06 09:04:29 +02:00
..
ads7846.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
bcm2835_fb.c hw: explicitly include qemu/log.h 2016-05-19 16:42:29 +02:00
blizzard.c hw/display/blizzard: Remove blizzard_template.h 2016-05-12 13:22:30 +01:00
cg3.c hw: explicitly include qemu/log.h 2016-05-19 16:42:29 +02:00
cirrus_vga_rop2.h
cirrus_vga_rop.h cirrus: Fix host CPU blits 2014-07-11 10:17:02 +02:00
cirrus_vga.c include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
exynos4210_fimd.c hw/display: QOM'ify exynos4210_fimd.c 2016-05-12 13:22:27 +01:00
framebuffer.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
framebuffer.h framebuffer: set DIRTY_MEMORY_VGA on RAM that is used for the framebuffer 2015-07-24 13:57:45 +02:00
g364fb.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
jazz_led.c hw/display: QOM'ify jazz_led.c 2016-05-13 09:33:38 +01:00
Makefile.objs bcm2835_fb: add framebuffer device for Raspberry Pi 2016-03-16 17:42:18 +00:00
milkymist-tmu2.c lm32: Clean up includes 2016-01-29 15:07:22 +00:00
milkymist-vgafb_template.h
milkymist-vgafb.c lm32: Clean up includes 2016-01-29 15:07:22 +00:00
omap_dss.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
omap_lcd_template.h omap_lcdc: Remove support for DEPTH != 32 2016-05-12 13:22:24 +01:00
omap_lcdc.c omap_lcdc: Remove support for DEPTH != 32 2016-05-12 13:22:24 +01:00
pl110_template.h
pl110.c hw: explicitly include qemu/log.h 2016-05-19 16:42:29 +02:00
pxa2xx_lcd.c arm: Clean up includes 2016-01-29 15:07:23 +00:00
pxa2xx_template.h
qxl-logger.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
qxl-render.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
qxl.c qxl: lock current_async update in qxl_soft_reset 2016-03-01 07:51:32 +01:00
qxl.h qxl: allow to specify head limit to qxl driver 2015-07-16 17:31:05 +02:00
sm501_template.h
sm501.c hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
ssd0303.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
ssd0323.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
tc6393xb_template.h
tc6393xb.c qemu-common: stop including qemu/host-utils.h from qemu-common.h 2016-05-19 16:42:28 +02:00
tcx.c hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
vga_int.h vga: add sr_vbe register set 2016-05-23 14:28:25 +02:00
vga-helpers.h vga: Rename vga_template.h to vga-helpers.h 2014-09-30 13:34:09 +02:00
vga-isa-mm.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
vga-isa.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
vga-pci.c hw/display: Clean up includes 2016-01-29 15:07:24 +00:00
vga.c vga: add sr_vbe register set 2016-05-23 14:28:25 +02:00
vga.h
virtio-gpu-3d.c virtio-gpu: check max_outputs only 2016-05-23 13:30:03 +02:00
virtio-gpu-pci.c virtio: Clean up includes 2016-01-29 15:07:23 +00:00
virtio-gpu.c virtio-gpu: fix scanout rectangles 2016-06-03 09:05:28 +02:00
virtio-vga.c virtio-vga: propagate on gpu realized error 2016-05-23 13:30:03 +02:00
vmware_vga.c vmsvga: don't process more than 1024 fifo commands at once 2016-06-06 09:04:29 +02:00
xenfb.c xenfb: use the correct condition to avoid excessive looping 2016-04-12 10:16:08 -07:00