qemu/hw
Peter Maydell df827aace6 hw/nubus/nubus-device: Range check 'slot' property
The TYPE_NUBUS_DEVICE class lets the user specify the nubus slot
using an int32 "slot" QOM property.  Its realize method doesn't do
any range checking on this value, which Coverity notices by way of
the possibility that 'nd->slot * NUBUS_SUPER_SLOT_SIZE' might
overflow the 32-bit arithmetic it is using.

Constrain the slot value to be less than NUBUS_SLOT_NB (16).

Resolves: Coverity CID 1464070
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-ID: <20240830173452.2086140-4-peter.maydell@linaro.org>
Reviewed-by: Thomas Huth <huth@tuxfamily.org>
Reviewed-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
Signed-off-by: Thomas Huth <huth@tuxfamily.org>
2024-09-08 11:49:49 +02:00
..
9pfs hw/xen: Make XenDevOps structures const 2024-06-04 11:53:43 +02:00
acpi hw/acpi: Update CPUs AML with cpu-(ctrl)dev change 2024-07-22 20:15:41 -04:00
adc aspeed/adc: Add AST2700 support 2024-07-21 07:46:38 +02:00
alpha alpha: switch boards to "default y" 2024-05-03 15:47:47 +02:00
arm target-arm queue: 2024-09-06 13:59:37 +01:00
audio hw/audio/virtio-snd: fix invalid param check 2024-08-20 06:57:47 -04:00
avr avr: switch boards to "default y" 2024-05-03 15:47:47 +02:00
block hw/block/fdc-isa: Assert that isa_fdc_get_drive_max_chs() found something 2024-08-06 10:22:52 +02:00
char hw/char/bcm2835_aux: Fix assert when receive FIFO fills up 2024-07-29 13:34:18 +01:00
core platform-bus: fix refcount leak 2024-09-05 13:12:37 +01:00
cpu hw: Add a Kconfig switch for the TYPE_CPU_CLUSTER device 2024-04-25 12:48:12 +02:00
cris cris: switch boards to "default y" 2024-05-03 15:47:47 +02:00
cxl Misc HW patch queue 2024-07-24 15:39:43 +10:00
display hw/display/vhost-user-gpu.c: fix vhost_user_gpu_chr_read() 2024-08-23 12:10:28 +03:00
dma hw/dma/xilinx_axidma: Use semicolon at end of statement, not comma 2024-08-20 00:38:48 +02:00
fsi hw/fsi: Aspeed APB2OPB & On-chip peripheral bus 2024-02-01 08:33:18 +01:00
gpio hw/gpio/aspeed: Add reg_table_count to AspeedGPIOClass 2024-07-02 07:52:43 +02:00
hppa hw/hppa/machine: Replace g_memdup() by g_memdup2() 2024-05-08 19:42:45 +02:00
hyperv kvm: move target-dependent interrupt routing out of kvm-all.c 2024-05-03 15:47:48 +02:00
i2c hw/i2c/mpc_i2c: Fix mmio region size 2024-07-23 20:30:36 +02:00
i386 target-arm queue: 2024-09-06 13:59:37 +01:00
ide hw/ide/pci: Remove dead code from bmdma_prepare_buf() 2024-08-06 10:22:52 +02:00
input hw: arm: Remove use of tabs in some source files 2024-05-28 14:20:48 +01:00
intc hw/intc/loongson_ipi: Restrict to MIPS 2024-08-06 10:22:52 +02:00
ipack hw/ipack: Constify VMState 2023-12-29 11:17:30 +11:00
ipmi hw/ipmi: Constify VMState 2023-12-29 11:17:30 +11:00
isa hw/isa/vt82c686: Turn "intr" irq into a named gpio 2024-07-16 20:04:08 +02:00
loongarch hw/loongarch: Fix length for lowram in ACPI SRAT 2024-08-21 11:01:09 +08:00
m68k hw/m68k/mcf5208: Add URLs for datasheets 2024-09-08 11:35:43 +02:00
mem hw/cxl/cxl-mailbox-utils: Add device DDR5 ECS control feature 2024-07-21 14:42:04 -04:00
microblaze microblaze: switch boards to "default y" 2024-05-03 15:47:47 +02:00
mips hw/mips/loongson3_virt: Fix condition of IPI IOCSR connection 2024-08-20 00:28:24 +02:00
misc hw/misc/xlnx-versal-trng: Call register_finalize_block 2024-09-05 13:12:36 +01:00
net vhost: Add VIRTIO_NET_F_RSC_EXT to vhost feature bits 2024-08-20 06:57:47 -04:00
nubus hw/nubus/nubus-device: Range check 'slot' property 2024-09-08 11:49:49 +02:00
nvme hw/nvme: fix leak of uninitialized memory in io_mgmt_recv 2024-08-20 06:16:48 +02:00
nvram hm/nvram/xlnx-versal-efuse-ctrl: Call register_finalize_block 2024-09-05 13:12:37 +01:00
openrisc kconfig: express dependency of individual boards on libfdt 2024-05-10 15:45:15 +02:00
pci Revert "hw/pci: Rename has_power to enabled" 2024-08-01 04:32:00 -04:00
pci-bridge Misc HW patch queue 2024-04-25 09:43:29 -07:00
pci-host hw/pci-host/gt64120: Reset config registers during RESET phase 2024-08-06 16:24:14 +02:00
pcmcia hw/pcmcia/pxa2xx: Inline pxa2xx_pcmcia_init() 2023-10-27 12:48:57 +01:00
ppc hw: add compat machines for 9.2 2024-09-05 13:12:36 +01:00
remote hw/remote/message.c: Don't directly invoke DeviceClass:reset 2024-08-20 00:38:48 +02:00
riscv Revert "hw/riscv/virt.c: imsics DT: add '#msi-cells'" 2024-08-19 14:34:49 +10:00
rtc docs: Correct Loongarch -> LoongArch 2024-07-23 20:30:36 +02:00
rx kconfig: express dependency of individual boards on libfdt 2024-05-10 15:45:15 +02:00
s390x hw: add compat machines for 9.2 2024-09-05 13:12:36 +01:00
scsi scsi-disk: Always report RESERVATION_CONFLICT to guest 2024-08-06 20:12:39 +02:00
sd hw/sd/sdhci: Reset @data_count index on invalid ADMA transfers 2024-08-06 10:22:52 +02:00
sensor hw, target: Add ResetType argument to hold and exit phase methods 2024-04-25 10:21:06 +01:00
sh4 hw/sh4: Remove newline character in trace events 2024-06-10 13:05:27 -04:00
smbios smbios: make memory device size configurable per Machine 2024-07-22 20:15:41 -04:00
sparc sparc: switch boards to "default y" 2024-05-03 15:47:48 +02:00
sparc64 qemu-sparc queue 2024-05-06 10:19:56 -07:00
ssi hw/ppc: SPI controller wiring to P10 chip 2024-07-26 09:21:06 +10:00
timer hpet: avoid timer storms on periodic timers 2024-07-22 19:19:44 +02:00
tpm hw/tpm: Remove HOST_PAGE_ALIGN from tpm_ppi_init 2024-02-29 11:35:36 -10:00
tricore tricore: switch boards to "default y" 2024-05-03 15:47:48 +02:00
ufs hw/ufs: minor bug fixes related to ufs-test 2024-09-06 18:04:16 +09:00
usb hw/usb/u2f-passthru: Get rid of qemu_open_old() 2024-07-17 14:04:15 +03:00
vfio vfio queue: 2024-07-24 12:58:46 +10:00
virtio virtio-pci: Fix the use of an uninitialized irqfd 2024-08-20 06:57:47 -04:00
watchdog aspeed/wdt: Add AST2700 support 2024-06-16 21:08:54 +02:00
xen hw/xen: pvh-common: Add support for creating PCIe/GPEX 2024-09-04 16:50:43 +02:00
xenpv hw/xen: Register framebuffer backend via xen_backend_init() 2024-06-04 11:53:43 +02:00
xtensa hw/xtensa: require libfdt 2024-05-10 15:45:15 +02:00
Kconfig hw: Fix problem with the A*MPCORE switches in the Kconfig files 2024-04-25 12:48:12 +02:00
meson.build hw/rdma: Remove deprecated pvrdma device and rdmacm-mux helper 2024-04-24 16:03:38 +02:00