mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8dc0bf2647
qemu/hw
History
linzhecheng 9f91022f28 virtio-serial: fix heapover-flow 
Check device having the feature of VIRTIO_CONSOLE_F_EMERG_WRITE before
get config->emerg_wr. It is neccessary because sizeof(virtio_console_config)
is 8 byte if VirtIOSerial doesn't have the feature of
VIRTIO_CONSOLE_F_EMERG_WRITE(see virtio_serial_device_realize),
read/write emerg_wr will lead to heap-over-flow.

Signed-off-by: linzhecheng <linzhecheng@huawei.com>
Message-Id: <20180328133435.20112-1-linzhecheng@huawei.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2018-04-09 16:36:39 +02:00
..
9pfs
acpi virt_arm: acpi: reuse common build_fadt() 2018-03-13 23:09:50 +02:00
adc
alpha hw/alpha/dp264: Use the TYPE_SMC37C669_SUPERIO 2018-03-12 16:12:49 +01:00
arm mach-virt: Set VM's SMBIOS system version to mc->name 2018-03-23 18:26:46 +00:00
audio hw/audio: Fix crashes when devices are used on ISA bus without DMA 2018-03-26 14:37:13 +02:00
block fdc: Exit if ISA controller does not support DMA 2018-03-26 14:37:13 +02:00
bt
char virtio-serial: fix heapover-flow 2018-04-09 16:36:39 +02:00
core Use cpu_create(type) instead of cpu_init(cpu_model) 2018-03-19 14:10:36 -03:00
cpu
cris
display secondary-vga: properly close QemuConsole on unplug 2018-03-13 11:17:29 -06:00
dma hw/dma/i82374: Avoid double creation of the 82374 controller 2018-04-09 16:36:39 +02:00
gpio
hppa
i2c
i386 kvmclock: fix clock_is_reliable on migration from QEMU < 2.9 2018-04-09 16:36:39 +02:00
ide macio: fix NULL pointer dereference when issuing IDE trim 2018-03-27 00:38:00 -04:00
input hw/input/i8042: Extract declarations from i386/pc.h into input/i8042.h 2018-03-12 16:12:48 +01:00
intc hw/intc/arm_gicv3: Fix secure-GIC NS ICC_PMR and ICC_RPR accesses 2018-03-23 18:26:45 +00:00
ipack
ipmi qapi: Empty out qapi-schema.json 2018-03-02 13:45:50 -06:00
isa virtio,vhost,pci,pc: features, cleanups 2018-03-20 15:48:34 +00:00
lm32
m68k
mem qmp: distinguish PC-DIMM and NVDIMM in MemoryDeviceInfoList 2018-03-20 03:34:52 +02:00
microblaze
mips hw/isa/vt82c686: Add the TYPE_VT82C686B_SUPERIO 2018-03-12 16:12:49 +01:00
misc hw/misc/macio: Mark the macio devices with user_creatable = false 2018-03-18 18:27:23 +11:00
moxie
net Miscellaenous bugfixes, including crash fixes from Alexey, Peter M. and 2018-03-26 15:17:25 +01:00
nios2 nios2: 10m50_devboard: replace cpu_model with cpu_type 2018-03-19 14:09:44 -03:00
nvram
openrisc
pci virtio,vhost,pci,pc: features, cleanups 2018-03-20 15:48:34 +00:00
pci-bridge
pci-host pci: Add support for Designware IP block 2018-03-09 17:09:43 +00:00
pcmcia
ppc virtio,vhost,pci,pc: features, cleanups 2018-03-20 15:48:34 +00:00
rdma hw/rdma: Fix 32-bit compilation 2018-03-23 18:38:55 +03:00
riscv RISC-V Build Infrastructure 2018-03-07 08:30:28 +13:00
s390x hw/s390x: fix memory leak in s390_init_ipl_dev() 2018-04-03 10:03:38 +02:00
scsi hw/scsi: support SCSI-2 passthrough without PI 2018-04-09 16:36:39 +02:00
sd sdhci: fix incorrect use of Error * 2018-03-23 18:26:45 +00:00
sh4
smbios
sparc hw/dma/i8257: Rename DMA_init() to i8257_dma_init() 2018-03-12 16:12:48 +01:00
sparc64 hw/input/i8042: Extract declarations from i386/pc.h into input/i8042.h 2018-03-12 16:12:48 +01:00
ssi
timer qapi: Empty out qapi-schema.json 2018-03-02 13:45:50 -06:00
tpm tpm: CRB: Enforce locality is requested before processing buffer 2018-03-29 17:41:02 -04:00
tricore hw: Do not include "sysemu/block-backend.h" if it is not necessary 2018-03-12 16:12:46 +01:00
unicore32 hw/input/i8042: Extract declarations from i386/pc.h into input/i8042.h 2018-03-12 16:12:48 +01:00
usb usbredir: reorder fields in USBRedirDevice to reduce padding 2018-03-12 11:43:49 +01:00
vfio ppc/spapr, vfio: Turn off MSIX emulation for VFIO devices 2018-03-13 11:17:31 -06:00
virtio memfd: fix vhost-user-test on non-memfd capable host 2018-04-09 12:57:06 +02:00
watchdog qapi: Empty out qapi-schema.json 2018-03-02 13:45:50 -06:00
xen
xenpv
xtensa
Makefile.objs