mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
8,706 Commits 50 Branches 394 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Jim Paris c4c0e236be usb-linux.c: fix buffer overflow 
In usb-linux.c:usb_host_handle_control, we pass a 1024-byte buffer and
length to the kernel.  However, the length was provided by the caller
of dev->handle_packet, and is not checked, so the kernel might provide
too much data and overflow our buffer.

For example, hw/usb-uhci.c could set the length to 2047.
hw/usb-ohci.c looks like it might go up to 4096 or 8192.

This causes a qemu crash, as reported here:
  http://www.mail-archive.com/kvm@vger.kernel.org/msg18447.html

This patch increases the usb-linux.c buffer size to 2048 to fix the
specific device reported, and adds a check to avoid the overflow in
any case.

Signed-off-by: Jim Paris <jim@jtan.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
2009-09-11 10:19:42 -05:00
audio
Remove bit-rotten threshold handling
2009-09-10 21:09:09 +04:00
block
qcow2: Order concurrent AIO requests on the same unallocated cluster
2009-09-09 17:31:26 -05:00
bsd-user
bsd-user: Add generic env variable handling
2009-08-15 10:35:42 +00:00
darwin-user
Replace local ADDRX/PADDRX macros with TARGET_FMT_lx/plx
2009-08-16 11:13:18 +00:00
fpu
rename NEEDS_LIBSUNMATH to CONFIG_NEEDS_LIBSUNMATH
2009-07-27 14:10:55 -05:00
gdb-xml
gdb-xml: fix hacks in powerpc register numbering
2009-07-12 23:42:05 +02:00
hw
virtio-blk: Use bdrv_aio_multiwrite
2009-09-11 10:18:06 -05:00
linux-user
F_DUPFD_CLOEXEC is not universally available
2009-09-10 20:27:36 +04:00
pc-bios
Update OpenBIOS images to r577
2009-09-11 09:13:04 +02:00
roms
Bring pcbios, seabios, and vgabios into the tree as git submodules. Right now,
2009-09-04 10:13:29 -05:00
slirp
Fix Sparse warnings: add "static"
2009-09-05 10:14:07 +00:00
target-alpha
cleanup cpu-exec.c, part 0/N: consolidate handle_cpu_signal
2009-08-24 08:21:42 -05:00
target-arm
cleanup cpu-exec.c, part 0/N: consolidate handle_cpu_signal
2009-08-24 08:21:42 -05:00
target-cris
cleanup cpu-exec.c, part 0/N: consolidate handle_cpu_signal
2009-08-24 08:21:42 -05:00
target-i386
Fix Sparse warnings: add "static"
2009-09-05 10:14:07 +00:00
target-m68k
cleanup cpu-exec.c, part 0/N: consolidate handle_cpu_signal
2009-08-24 08:21:42 -05:00
target-microblaze
microblaze: Trap if QEMU finds an unknown insns.
2009-09-11 10:38:31 +02:00
target-mips
target-mips: fix conditional moves off fp condition codes
2009-08-25 18:05:27 +02:00
target-ppc
kvm: Simplify cpu_synchronize_state()
2009-08-27 20:35:30 -05:00
target-sh4
cleanup cpu-exec.c, part 0/N: consolidate handle_cpu_signal
2009-08-24 08:21:42 -05:00
target-sparc
cleanup cpu-exec.c, part 0/N: consolidate handle_cpu_signal
2009-08-24 08:21:42 -05:00
tcg
X86_64: Use proper jumps/calls when displacement exceeds +-2G
2009-09-11 01:38:52 +04:00
tests
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
.gitignore
multiboot.raw is a generated file
2009-08-27 20:30:22 -05:00
.gitmodules
Bring pcbios, seabios, and vgabios into the tree as git submodules. Right now,
2009-09-04 10:13:29 -05:00
a.out.h
acl.c
rename HAVE_FNMATCH_H to CONFIG_FNMATCH
2009-07-27 14:09:20 -05:00
acl.h
aes.c
aes.h
aio.c
Handle BH's queued by AIO completions in qemu_aio_flush()
2009-07-22 10:58:46 -05:00
alpha-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
alpha.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
arm-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
arm-semi.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
arm.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
balloon.h
block_int.h
Add bdrv_aio_multiwrite
2009-09-11 10:18:06 -05:00
block.c
Add bdrv_aio_multiwrite
2009-09-11 10:18:06 -05:00
block.h
Add bdrv_aio_multiwrite
2009-09-11 10:18:06 -05:00
bswap.h
rename WORDS_BIGENDIAN to HOST_WORDS_BIGENDIAN
2009-07-27 14:09:21 -05:00
bt-host.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
bt-host.h
bt-vhci.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
buffered_file.c
Fix compilation warnings when DEBUG_BUFFERED_FILE is defined
2009-09-09 17:31:26 -05:00
buffered_file.h
cache-utils.c
cache-utils.h
Changelog
check-qdict.c
Introduce QDict unit-tests
2009-09-04 09:37:34 -05:00
check-qint.c
Introduce QInt unit-tests
2009-09-04 09:37:33 -05:00
check-qstring.c
Introduce QString unit-tests
2009-09-04 09:37:34 -05:00
cmd.c
qemu-io: Improve portability (win32 now supported).
2009-09-09 14:57:20 -05:00
cmd.h
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
cocoa.m
CODING_STYLE
configure
configure: fix Linux AIO detection
2009-09-09 17:31:27 -05:00
console.c
rename WORDS_BIGENDIAN to HOST_WORDS_BIGENDIAN
2009-07-27 14:09:21 -05:00
console.h
monitor: Port handler_1 to use QDict
2009-09-04 09:37:31 -05:00
COPYING
COPYING.LIB
cpu-all.h
Fix conditional compilation (MIPS host)
2009-09-11 10:19:34 -05:00
cpu-common.h
Make CPURead/WriteFunc structure 'const'
2009-08-25 18:29:31 +00:00
cpu-defs.h
extend -smp parsing to include cores= and threads= options
2009-08-27 19:33:15 -05:00
cpu-exec.c
cleanup cpu-exec.c, part 0/N: consolidate handle_cpu_signal
2009-08-24 08:21:42 -05:00
create_config
We also need TARGET_<arechname> in Makefiles
2009-08-10 13:05:46 -05:00
cris-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
curses_keys.h
Fix Sparse warnings: "Using plain integer as NULL pointer"
2009-07-31 21:16:51 +00:00
curses.c
Fix Sparse warnings: "Using plain integer as NULL pointer"
2009-07-31 21:16:51 +00:00
cutils.c
Add bdrv_aio_multiwrite
2009-09-11 10:18:06 -05:00
d3des.c
d3des.h
def-helper.h
def-helper.h allow helpers returning pointers
2009-08-22 17:23:55 +00:00
device_tree.c
device_tree.h
dis-asm.h
disas.c
rename WORDS_BIGENDIAN to HOST_WORDS_BIGENDIAN
2009-07-27 14:09:21 -05:00
disas.h
dma-helpers.c
fully split aio_pool from BlockDriver
2009-05-27 09:46:03 -05:00
dma.h
fully split aio_pool from BlockDriver
2009-05-27 09:46:03 -05:00
dyngen-exec.h
rename HOST_BSD to CONFIG_BSD
2009-07-27 14:09:20 -05:00
elf_ops.h
Fix symfind.
2009-08-10 13:05:25 -05:00
elf.h
Avoid name clashes with symbols that leak from system headers
2009-07-18 13:16:51 +04:00
envlist.c
linux-user: compile envlist.c only once
2009-08-15 08:47:42 +00:00
envlist.h
linux-user: compile envlist.c only once
2009-08-15 08:47:42 +00:00
exec-all.h
Unbreak large mem support by removing kqemu
2009-08-24 08:02:55 -05:00
exec.c
microblaze: Trap on bus accesses to unmapped areas.
2009-09-03 13:25:09 +02:00
feature_to_c.sh
Fix Sparse warnings: "Using plain integer as NULL pointer"
2009-07-31 21:16:51 +00:00
gdbstub.c
kvm: Simplify cpu_synchronize_state()
2009-08-27 20:35:30 -05:00
gdbstub.h
gen-icount.h
host-utils.c
user: compile host-utils.c only once
2009-08-16 08:03:26 +00:00
host-utils.h
user: compile host-utils.c only once
2009-08-16 08:03:26 +00:00
hostregs_helper.h
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
hpet.h
hppa-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
hppa.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
hxtool
Fix hxtool.
2009-07-02 17:54:34 +00:00
i386-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
i386.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
ia64.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
ioport-user.c
ioport: use uint{32, 16, 8}_t for ioport value and pio_addr_t for ioport address.
2009-07-16 17:28:50 -05:00
ioport.c
Make ioport default tables const
2009-09-06 16:32:13 +00:00
ioport.h
ioport: use uint{32, 16, 8}_t for ioport value and pio_addr_t for ioport address.
2009-07-16 17:28:50 -05:00
keymaps.c
Fix Sparse warnings: "Using plain integer as NULL pointer"
2009-07-31 21:16:51 +00:00
keymaps.h
kvm-all.c
kvm: Simplify cpu_synchronize_state()
2009-08-27 20:35:30 -05:00
kvm.h
kvm: Simplify cpu_synchronize_state()
2009-08-27 20:35:30 -05:00
libfdt_env.h
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
LICENSE
linux-aio.c
raw-posix: add Linux native AIO support
2009-08-27 20:30:22 -05:00
loader.c
rename WORDS_BIGENDIAN to HOST_WORDS_BIGENDIAN
2009-07-27 14:09:21 -05:00
m68k-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
m68k-semi.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
m68k.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
MAINTAINERS
Unbreak large mem support by removing kqemu
2009-08-24 08:02:55 -05:00
Makefile
qdev/scsi: add scsi bus support to qdev, convert drivers.
2009-09-09 14:57:19 -05:00
Makefile.hw
qemu: move virtio-pci.o to near pci.o
2009-08-24 08:46:47 -05:00
Makefile.target
qdev/isa: convert ne2000
2009-09-10 19:48:01 +04:00
microblaze-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
migration-exec.c
unify popen/fopen qemu wrappers
2009-08-24 08:02:55 -05:00
migration-fd.c
add file descriptor migration
2009-08-27 19:33:15 -05:00
migration-tcp.c
fix migration to obey -S
2009-07-30 09:50:36 -05:00
migration-unix.c
Migration via unix sockets.
2009-08-24 08:01:42 -05:00
migration.c
monitor: Port handler_2 to use QDict
2009-09-04 09:37:31 -05:00
migration.h
monitor: Port handler_2 to use QDict
2009-09-04 09:37:31 -05:00
mips-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
mips.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
module.c
module.h
monitor.c
monitor: Update supported types documentation
2009-09-04 09:37:33 -05:00
monitor.h
monitor: Export QDict header
2009-09-04 09:37:30 -05:00
nbd.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
nbd.h
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
net-checksum.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
net.c
Include sys-queue.h early to override system queue definitions on BSD
2009-09-04 17:47:09 +00:00
net.h
monitor: Port handler_3 to use QDict
2009-09-04 09:37:31 -05:00
osdep.c
Only build osdep once
2009-08-24 08:02:55 -05:00
osdep.h
move useful type definitons to osdep.h
2009-08-27 20:30:20 -05:00
path.c
user: compile path.c only once
2009-08-15 07:51:59 +00:00
pci-ids.txt
posix-aio-compat.c
raw-posix: refactor AIO support
2009-08-27 20:30:22 -05:00
ppc64.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
ppc-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
ppc.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
qdict-test-data.txt
Introduce QDict test data file
2009-09-04 09:37:34 -05:00
qdict.c
Shuffle lines to avoid gcc 3 warning about redundant redeclaration
2009-09-04 17:43:37 +00:00
qdict.h
Introduce QDict
2009-09-04 09:37:29 -05:00
qemu_socket.h
qemu-aio.h
fix qemu_aio_flush
2009-06-15 13:52:27 +02:00
qemu-binfmt-conf.sh
qemu-char.c
char: Emit 'CLOSED' events on char device close
2009-08-24 08:21:42 -05:00
qemu-char.h
char: Emit 'CLOSED' events on char device close
2009-08-24 08:21:42 -05:00
qemu-common.h
Add bdrv_aio_multiwrite
2009-09-11 10:18:06 -05:00
qemu-config.c
raw-posix: add Linux native AIO support
2009-08-27 20:30:22 -05:00
qemu-config.h
QemuOpts: switch over -device.
2009-08-10 13:05:27 -05:00
qemu-doc.texi
Add information w.r.t default GUS IRQ assigment
2009-09-10 20:05:59 +04:00
qemu-img-cmds.hx
Use hxtool for qemu-img command list
2009-06-07 09:59:47 +03:00
qemu-img.c
qmu-img: fix qemu-img convert to generate a valid image when the source referenced a backing file
2009-07-22 10:58:47 -05:00
qemu-img.texi
Add new block driver for the VDI format (only aio supported)
2009-08-10 13:05:30 -05:00
qemu-io.c
qemu-io: Improve portability (win32 now supported).
2009-09-09 14:57:20 -05:00
qemu-lock.h
rename USE_NPTL to CONFIG_USE_NPTL
2009-07-27 14:10:55 -05:00
qemu-log.h
qemu-malloc.c
qemu-monitor.hx
monitor: New format for handlers argument types
2009-09-04 09:37:29 -05:00
qemu-nbd.c
Fix Sparse warnings: "Using plain integer as NULL pointer"
2009-07-31 21:16:51 +00:00
qemu-nbd.texi
qemu-option.c
mv from strdup to qemu_strdup in qemu-option.c
2009-09-09 14:57:21 -05:00
qemu-option.h
QemuOpts: add some functions
2009-08-10 13:05:25 -05:00
qemu-options.hx
add documentation for multi-core features
2009-09-04 09:37:26 -05:00
qemu-sockets.c
qemu-tech.texi
Unbreak large mem support by removing kqemu
2009-08-24 08:02:55 -05:00
qemu-thread.c
qemu-thread: use pthread_equal
2009-07-22 10:58:49 -05:00
qemu-thread.h
qemu-timer.h
variable timer intervals
2009-08-10 13:05:31 -05:00
qemu-tool.c
Fix most warnings (errors with -Werror) when debugging is enabled
2009-07-20 17:19:25 +00:00
qemu.sasl
qint.c
Shuffle lines to avoid gcc 3 warning about redundant redeclaration
2009-09-04 17:43:37 +00:00
qint.h
Introduce QInt
2009-09-04 09:37:29 -05:00
qobject.h
Introduce QDict
2009-09-04 09:37:29 -05:00
qstring.c
Shuffle lines to avoid gcc 3 warning about redundant redeclaration
2009-09-04 17:43:37 +00:00
qstring.h
Introduce QString
2009-09-04 09:37:29 -05:00
readline.c
readline: Remove unneeded qemu_mallocz() check
2009-06-16 15:18:37 -05:00
readline.h
README
rules.mak
Remove CFLAGS parameter in cc-option
2009-09-09 17:31:24 -05:00
s390-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
s390.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
savevm.c
savevm: Convert loadvm handlers list to LIST
2009-09-09 14:55:16 -05:00
sdl_keysym.h
Fix Sparse warnings: "Using plain integer as NULL pointer"
2009-07-31 21:16:51 +00:00
sdl_zoom_template.h
sdl zooming
2009-06-29 08:52:44 -05:00
sdl_zoom.c
Fix sdl_zoom compile problems on OpenBSD
2009-07-01 18:49:34 +00:00
sdl_zoom.h
Remove SDL/ prefix
2009-07-08 18:25:37 +04:00
sdl.c
Allow to unscale the output window with a Ctrl-Alt-u hotkey
2009-09-10 05:16:16 +04:00
sh4-dis.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
softmmu_defs.h
softmmu_exec.h
softmmu_header.h
Remove dead i386 assembly code from softmmu_header.h
2009-07-16 17:28:50 -05:00
softmmu_template.h
Unbreak large mem support by removing kqemu
2009-08-24 08:02:55 -05:00
softmmu-semi.h
sparc64.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
sparc-dis.c
Fix Sparse warnings: "Using plain integer as NULL pointer"
2009-07-31 21:16:51 +00:00
sparc.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
sys-queue.h
Add LIST_FOREACH_SAFE() definition
2009-09-09 14:55:16 -05:00
sysemu.h
monitor: Port handler_3 to use QDict
2009-09-04 09:37:31 -05:00
tap-win32.c
tap-win32: Use correct headers.
2009-07-27 14:09:15 -05:00
targphys.h
kvm: Mark full address range dirty on live migration start
2009-05-28 02:14:56 -05:00
texi2pod.pl
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
thunk.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
thunk.h
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
TODO
translate-all.c
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
uboot_image.h
Update to a hopefully more future proof FSF address
2009-07-16 20:47:01 +00:00
usb-bsd.c
USB: use opaque parameter passing for monitor handle
2009-09-07 19:00:18 +00:00
usb-linux.c
usb-linux.c: fix buffer overflow
2009-09-11 10:19:42 -05:00
usb-stub.c
VERSION
Update version for 0.11 development
2009-07-16 18:12:18 -05:00
vgafont.h
vl.c
Revert "don't call cpu_sychronize_state from reset handlers"
2009-09-11 10:18:06 -05:00
vnc_keysym.h
More NULL pointer fixes
2009-08-01 10:13:20 +00:00
vnc-auth-sasl.c
vnc-auth-sasl.h
vnc-auth-vencrypt.c
vnc-auth-vencrypt.h
vnc-tls.c
vnc-tls.h
vnc.c
When using stdio monitor and VNC display, one can set or clear a VNC password; this should set or turn off VNC authentication as well.
2009-08-24 08:01:40 -05:00
vnc.h
variable timer intervals
2009-08-10 13:05:31 -05:00
vnchextile.h
single vnc server surface
2009-08-10 13:05:30 -05:00
x86_64.ld
set SEARCH_PATH for the linker script from output of ld --verbose -v
2009-07-27 14:10:56 -05:00
x_keymap.c
x_keymap.h

README 

Read the documentation in qemu-doc.html.

Fabrice Bellard.
Description
No description provided
Readme 404 MiB
Languages
C 82.6%
C++ 6.5%
Python 3.4%
Dylan 2.9%
Shell 1.6%
Other 2.8%