mirrors/qemu
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
qemu/hw/usb
History
Prasad J Pandit fe3c546c5f usb: check RNDIS buffer offsets & length 
When processing remote NDIS control message packets,
the USB Net device emulator uses a fixed length(4096) data buffer.
The incoming informationBufferOffset & Length combination could
overflow and cross that range. Check control message buffer
offsets and length to avoid it.

Reported-by: Qinghao Tang <luodalongde@gmail.com>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-id: 1455648821-17340-3-git-send-email-ppandit@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
2016-02-23 10:38:01 +01:00
..
bus.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
ccid-card-emulated.c
Emulated CCID card: QOMify
2016-02-11 15:15:46 +03:00
ccid-card-passthru.c
Passthru CCID card: QOMify
2016-02-11 15:15:47 +03:00
ccid.h
combined-packet.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
core.c
usb: check RNDIS message length
2016-02-23 10:38:00 +01:00
desc-msos.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
desc.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
desc.h
dev-audio.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
dev-bluetooth.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
dev-hid.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
dev-hub.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
dev-mtp.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
dev-network.c
usb: check RNDIS buffer offsets & length
2016-02-23 10:38:01 +01:00
dev-serial.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
dev-smartcard-reader.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
dev-storage.c
qom: Swap 'name' next to visitor in ObjectPropertyAccessor
2016-02-08 17:29:56 +01:00
dev-uas.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
dev-wacom.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
hcd-ehci-pci.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
hcd-ehci-sysbus.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
hcd-ehci.c
ehci: update irq on reset
2016-02-02 14:11:01 +01:00
hcd-ehci.h
hcd-musb.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
hcd-ohci.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
hcd-uhci.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
hcd-xhci.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
host-legacy.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
host-libusb.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
host-stub.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
host.h
libhw.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
Makefile.objs
tusb6010: move from hw/timer to hw/usb
2016-02-23 10:38:00 +01:00
quirks-ftdi-ids.h
quirks-pl2303-ids.h
quirks.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
quirks.h
redirect.c
usb: Clean up includes
2016-01-29 15:07:23 +00:00
tusb6010.c
tusb6010: move from hw/timer to hw/usb
2016-02-23 10:38:00 +01:00