mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
32,459 Commits 50 Branches 394 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Michael S. Tsirkin d2ef4b61fe vmstate: fix buffer overflow in target-arm/machine.c 
CVE-2013-4531

cpreg_vmstate_indexes is a VARRAY_INT32. A negative value for
cpreg_vmstate_array_len will cause a buffer overflow.

VMSTATE_INT32_LE was supposed to protect against this
but doesn't because it doesn't validate that input is
non-negative.

Fix this macro to valide the value appropriately.

The only other user of VMSTATE_INT32_LE doesn't
ever use negative numbers so it doesn't care.

Reported-by: Anthony Liguori <anthony@codemonkey.ws>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Juan Quintela <quintela@redhat.com>
2014-05-05 22:15:02 +02:00
audio
backends
block
curl: Fix hang reading from slow connections
2014-04-30 16:34:21 +02:00
bsd-user
default-configs
usb: mtp filesharing
2014-04-23 10:28:14 +02:00
disas
docs
vga: add secondary stdvga variant
2014-05-01 16:02:45 +01:00
dtc @ bc895d6d09
fpu
softfloat: Introduce float32_to_uint64_round_to_zero
2014-04-08 11:20:00 +02:00
fsdev
virtfs-proxy-helper: fix call to accept
2014-04-28 08:55:32 +04:00
gdb-xml
hw
pl022: fix buffer overun on invalid state load
2014-05-05 22:15:02 +02:00
include
virtio-net: fix buffer overflow on invalid state load
2014-05-05 14:15:10 +02:00
libcacard
linux-headers
linux-headers update
2014-04-25 12:59:57 +02:00
linux-user
target-arm: Define exception record for AArch64 exceptions
2014-04-17 21:34:03 +01:00
net
trivial patches for 2014-04-28
2014-04-28 13:43:17 +01:00
pc-bios
Add QEMU logo (SVG file)
2014-04-28 08:55:31 +04:00
pixman @ 97336fad32
po
po: add proper Language: tags to .po files
2014-04-28 08:55:32 +04:00
qapi
qerror.h: Remove QERR defines that are only used once
2014-04-25 09:19:59 -04:00
qga
qga: trivial fix for unclear documentation of guest-set-time
2014-04-18 10:33:36 +04:00
qobject
qerror.h: Remove QERR defines that are only used once
2014-04-25 09:19:59 -04:00
qom
qerror.h: Remove QERR defines that are only used once
2014-04-25 09:19:59 -04:00
roms
pseries: Update SLOF firmware image to qemu-slof-20140404
2014-04-08 11:20:00 +02:00
scripts
scripts: add sample model file for Coverity Scan
2014-04-18 10:33:36 +04:00
slirp
slirp: Remove default_mon usage
2014-04-25 09:19:58 -04:00
stubs
qerror.h: Replace QERR_NOT_SUPPORTED with QERR_UNSUPPORTED
2014-04-25 09:19:59 -04:00
sysconfigs/target
target-alpha
target-alpha: Remove cpu_unique, cpu_sysval, cpu_usp
2014-04-17 11:47:42 -07:00
target-arm
target-arm: Correct a comment refering to EL0
2014-05-01 15:24:46 +01:00
target-cris
target-i386
target-i386: reorder fields in cpu/msr_hyperv_hypercall subsection
2014-04-05 10:49:05 +01:00
target-lm32
target-m68k
target-microblaze
target-mips
target-moxie
target-openrisc
target-ppc
ppc: use kvm_vcpu_enable_cap()
2014-04-30 14:39:58 +02:00
target-s390x
s390x: use kvm_vcpu_enable_cap()
2014-04-30 14:39:49 +02:00
target-sh4
target-sparc
target-unicore32
target-xtensa
tcg
tcg-sparc: Accept stores of zero
2014-04-28 11:06:35 -07:00
tests
Block patches
2014-05-02 10:50:58 +01:00
trace
ui
gtk: collection of fixes and cleanups by Cole Robinson
2014-05-01 14:17:33 +01:00
util
trivial patches for 2014-04-28
2014-04-28 13:43:17 +01:00
.exrc
.gitignore
gitignore: cleanups #2
2014-04-28 08:55:31 +04:00
.gitmodules
.mailmap
.travis.yml
aio-posix.c
aio-win32.c
arch_init.c
async.c
balloon.c
block-migration.c
block: Handle error of bdrv_getlength in bdrv_create_dirty_bitmap
2014-04-22 11:57:02 +02:00
block.c
block: Fix open_flags in bdrv_reopen()
2014-04-30 11:05:00 +02:00
blockdev-nbd.c
blockdev.c
Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging
2014-04-28 12:56:34 +01:00
blockjob.c
qerror.h: Replace QERR_NOT_SUPPORTED with QERR_UNSUPPORTED
2014-04-25 09:19:59 -04:00
bt-host.c
bt-vhci.c
Changelog
CODING_STYLE
configure
configure: Re-run make if gtkabi/sdlabi is changed
2014-04-29 10:46:30 +02:00
COPYING
COPYING.LIB
coroutine-gthread.c
coroutine-sigaltstack.c
coroutine-ucontext.c
coroutine-win32.c
cpu-exec.c
cpu-exec: Unlock tb_lock if we longjmp out of code generation
2014-04-04 18:29:25 +01:00
cpus.c
misc: Use cpu_physical_memory_read and cpu_physical_memory_write
2014-04-27 13:04:18 +04:00
cputlb.c
device_tree.c
device-hotplug.c
disas.c
dma-helpers.c
dma-helpers: Initialize DMAAIOCB in_cancel flag
2014-04-04 19:36:39 +02:00
dump.c
exec.c
gdbstub.c
HACKING
hmp-commands.hx
HMP: support specifying dump format for dump-guest-memory
2014-04-25 11:18:33 -04:00
hmp.c
HMP: support specifying dump format for dump-guest-memory
2014-04-25 11:18:33 -04:00
hmp.h
monitor: Add device_add and device_del completion.
2014-04-25 09:37:12 -04:00
iohandler.c
ioport.c
iothread.c
iothread: make IOThread struct definition public
2014-04-04 20:48:02 +02:00
kvm-all.c
Revert "fix return check for KVM_GET_DIRTY_LOG ioctl"
2014-04-14 15:40:02 +01:00
kvm-stub.c
LICENSE
main-loop.c
MAINTAINERS
MAINTAINERS: Add qemu-img/io to block subsystem
2014-04-25 18:05:05 +02:00
Makefile
Makefile: add qga-vss-dll-obj-y to nested variables
2014-04-07 14:39:19 -05:00
Makefile.objs
Makefile.target
memory_mapping.c
memory.c
migration-exec.c
migration-fd.c
migration-rdma.c
migration-tcp.c
migration-unix.c
migration.c
module-common.c
monitor.c
monitor: fix qmp_getfd() fd leak in error case
2014-04-25 11:41:41 -04:00
nbd.c
os-posix.c
os-win32.c
page_cache.c
qapi-schema.json
block: Expose host_* drivers in blockdev-add
2014-04-25 18:05:06 +02:00
qdev-monitor.c
qerror.h: Remove QERR defines that are only used once
2014-04-25 09:19:59 -04:00
qdict-test-data.txt
qemu-bridge-helper.c
qemu-char.c
qemu-coroutine-io.c
qemu-coroutine-lock.c
qemu-coroutine-sleep.c
qemu-coroutine.c
qemu-doc.texi
doc: grammify "allows to"
2014-04-18 10:33:36 +04:00
qemu-file.c
qemu-img-cmds.hx
qemu-img.c
block: Add '--version' option to qemu-img
2014-04-29 10:36:35 +02:00
qemu-img.texi
qemu-io-cmds.c
qemu-io.c
block: Add errp to bdrv_new()
2014-04-22 12:00:20 +02:00
qemu-log.c
qemu-nbd.c
block: Add errp to bdrv_new()
2014-04-22 12:00:20 +02:00
qemu-nbd.texi
qemu-options-wrapper.h
qemu-options.h
qemu-options.hx
trivial patches for 2014-04-28
2014-04-28 13:43:17 +01:00
qemu-seccomp.c
seccomp: add shmctl(), mlock(), and munlock() to the syscall whitelist
2014-04-25 14:52:03 -03:00
qemu-tech.texi
qemu-timer.c
qemu.nsi
qemu.sasl
qmp-commands.hx
qmp.c
qmp: object-add: Validate class before creating object
2014-04-25 11:08:34 -04:00
qtest.c
README
rules.mak
savevm.c
qerror.h: Remove QERR defines that are only used once
2014-04-25 09:19:59 -04:00
spice-qemu-char.c
tcg-runtime.c
tci.c
tci: Mask shift counts to avoid undefined behavior
2014-04-18 16:57:36 -07:00
thread-pool.c
thunk.c
tpm.c
trace-events
s390x/kvm: rework KVM synchronize to tracing for some ONEREGS
2014-04-25 12:59:57 +02:00
translate-all.c
page_check_range: don't bail out early after unprotecting page
2014-04-04 18:16:03 +01:00
translate-all.h
user-exec.c
tcg-aarch64: Properly detect SIGSEGV writes
2014-04-16 12:12:32 -04:00
VERSION
Open 2.1 development tree
2014-04-17 20:39:32 +01:00
version.rc
vl.c
vl: avoid closing stdout with 'writeconfig'
2014-04-28 08:55:31 +04:00
vmstate.c
vmstate: fix buffer overflow in target-arm/machine.c
2014-05-05 22:15:02 +02:00
xbzrle.c
xbzrle.c: Avoid undefined behaviour with signed arithmetic
2014-04-18 10:33:36 +04:00
xen-all.c
xen-mapcache.c
xen-stub.c

README 

Read the documentation in qemu-doc.html or on http://wiki.qemu-project.org

- QEMU team
Description
No description provided
Readme 404 MiB
Languages
C 82.6%
C++ 6.5%
Python 3.4%
Dylan 2.9%
Shell 1.6%
Other 2.8%