mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qemu/hw/misc
History
Peter Maydell ec1efab957 hw/misc/arm_sysctl: Fix bad boundary check on mb clock accesses 
Fix incorrect use of sizeof() rather than ARRAY_SIZE() to guard
accesses into the mb_clock[] array, which was allowing a malicious
guest to overwrite the end of the array.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Andreas Färber <afaerber@suse.de>
Message-id: 1392647854-8067-2-git-send-email-peter.maydell@linaro.org
Cc: qemu-stable@nongnu.org
2014-02-26 17:19:57 +00:00
..
macio
qom: Pass available size to object_initialize()
2013-08-30 21:15:44 +02:00
a9scu.c
a9mpcore: Embed A9SCUState
2013-11-05 17:47:29 +01:00
applesmc.c
qdev: Remove hex8/32/64 property types
2014-02-14 21:12:04 +01:00
arm11scu.c
arm11mpcore: Split off SCU device
2013-11-05 17:47:30 +01:00
arm_integrator_debug.c
integrator: fix Linux boot failure by emulating dbg region
2013-10-31 14:00:16 +01:00
arm_l2x0.c
sysbus: Set cannot_instantiate_with_device_add_yet
2013-12-23 00:27:22 +01:00
arm_sysctl.c
hw/misc/arm_sysctl: Fix bad boundary check on mb clock accesses
2014-02-26 17:19:57 +00:00
cbus.c
debugexit.c
qdev: Remove hex8/32/64 property types
2014-02-14 21:12:04 +01:00
eccmemctl.c
qdev: Remove hex8/32/64 property types
2014-02-14 21:12:04 +01:00
exynos4210_pmu.c
exynos4210: Use macro ARRAY_SIZE where possible
2013-12-23 16:02:19 +04:00
imx_ccm.c
ivshmem.c
hw: set interrupts using pci irq wrappers
2013-10-14 17:11:45 +03:00
lm32_sys.c
lm32_sys: dump cpu state if test case fails
2014-02-04 19:47:39 +01:00
Makefile.objs
pcmcia: QOM'ify PCMCIACardState and MicroDriveState
2013-11-05 18:06:52 +01:00
max111x.c
milkymist-hpdmc.c
milkymist-pfpu.c
mst_fpga.c
omap_clk.c
omap_gpmc.c
omap_l4.c
omap_sdrc.c
omap_tap.c
pc-testdev.c
pci-testdev.c
puv3_pm.c
pvpanic.c
pc: get rid of builtin pvpanic for "-M pc-1.5"
2013-11-21 17:38:54 +01:00
sga.c
slavio_misc.c
tmp105.c
tmp105.h
vfio.c
vfio: correct debug macro typo
2014-01-28 08:23:19 -07:00
vmport.c
isa: Clean up use of cannot_instantiate_with_device_add_yet
2013-12-23 00:27:23 +01:00
zynq_slcr.c
arm/zynq: Add software system reset via SCLR
2014-02-08 14:50:48 +00:00