qemu/pci at 5f691ff91d323b6f97c6600405a7f9dc115a0ad1 - qemu

History

Michael S. Tsirkin 5f691ff91d hw/pci/pcie_aer.c: fix buffer overruns on invalid state load 4) CVE-2013-4529 hw/pci/pcie_aer.c pcie aer log can overrun the buffer if log_num is too large There are two issues in this file: 1. log_max from remote can be larger than on local then buffer will overrun with data coming from state file. 2. log_num can be larger then we get data corruption again with an overflow but not adversary controlled. Fix both issues. Reported-by: Anthony Liguori <anthony@codemonkey.ws> Reported-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> Reviewed-by: Dr. David Alan Gilbert <dgilbert@redhat.com> Signed-off-by: Juan Quintela <quintela@redhat.com>		2014-05-05 22:15:02 +02:00
..
Makefile.objs	Makefile.target: CONFIG_NO_* variables removed	2013-10-16 18:21:00 +02:00
msi.c	exec: Make stl_*_phys input an AddressSpace	2014-02-11 22:57:18 +10:00
msix.c	exec: Make stl_*_phys input an AddressSpace	2014-02-11 22:57:18 +10:00
pci_bridge.c	acpi,pci,pc,fedora,virtio fixes and enhancements	2014-01-10 11:04:48 -08:00
pci_host.c	hw/pci/pci_host.c: Avoid shifting left into sign bit	2014-03-27 19:22:49 +04:00
pci-hotplug-old.c	Use error_is_set() only when necessary	2014-02-17 11:57:23 -05:00
pci-stub.c	softmmu: move include files to include/sysemu/	2012-12-19 08:32:45 +01:00
pci.c	pci: Fix clearing IRQs on reset	2014-03-31 19:53:34 +01:00
pcie_aer.c	hw/pci/pcie_aer.c: fix buffer overruns on invalid state load	2014-05-05 22:15:02 +02:00
pcie_host.c	pcie_host: expose address format	2013-10-14 17:48:51 +03:00
pcie_port.c	pci/pcie: convert PCIE hotplug to use hotplug-handler API	2014-02-10 10:27:00 +02:00
pcie.c	PCIE: fix regression with coldplugged multifunction device	2014-03-09 21:09:37 +02:00
shpc.c	pci/shpc: convert SHPC hotplug to use hotplug-handler API	2014-02-10 10:27:00 +02:00
slotid_cap.c	hw: move qdev-monitor.o to toplevel directory	2013-03-01 13:54:10 +01:00