qemu/hw
Peter Maydell 2a6cb383e2 hw/net/fsl_etsec/rings.c: Avoid variable length array
In fill_rx_bd() we create a variable length array of size
etsec->rx_padding. In fact we know that this will never be
larger than 64 bytes, because rx_padding is set in rx_init_frame()
in a way that ensures it is only that large. Use a fixed sized
array and assert that it is big enough.

Since padd[] is now potentially rather larger than the actual
padding required, adjust the memset() we do on it to match the
size that we write with cpu_physical_memory_write(), rather than
clearing the entire array.

The codebase has very few VLAs, and if we can get rid of them all we
can make the compiler error on new additions. This is a defensive
measure against security bugs where an on-stack dynamic allocation
isn't correctly size-checked (e.g. CVE-2021-3527).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2023-09-18 14:36:13 +08:00
9pfs hw/9pfs: spelling fixes 2023-07-25 17:15:47 +03:00
acpi hw/acpi: Fix PM control register access 2023-06-26 09:49:24 -04:00
adc meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
alpha hw/alpha: Use MachineClass->default_nic in the alpha machine 2023-05-26 09:10:49 +02:00
arm target/arm: Implement cortex-a710 2023-09-08 16:41:35 +01:00
audio audio: spelling fixes 2023-09-08 13:08:52 +03:00
avr
block m25p80: Introduce an helper to retrieve the BlockBackend of a device 2023-09-01 11:40:04 +02:00
char hw/char/riscv_htif: Fix the console syscall on big endian hosts 2023-09-11 11:45:54 +10:00
core virtio-net: Add support for USO features 2023-09-18 14:36:13 +08:00
cpu meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
cris
cxl hw/cxl/events: Add event interrupt support 2023-06-22 18:55:14 -04:00
display virtio-gpu/win32: set the destroy function on load 2023-09-12 10:37:02 +04:00
dma hw/dma/etraxfs: Include missing 'exec/memory.h' header 2023-08-31 19:47:43 +02:00
gpio hw/gpio/nrf51: implement DETECT signal 2023-08-22 17:30:59 +01:00
hppa target/hppa: Provide qemu version via fw_cfg to firmware 2023-06-24 13:39:48 +02:00
hyperv win32: replace closesocket() with close() wrapper 2023-03-13 15:39:31 +04:00
i2c aspeed queue: 2023-09-06 11:14:55 -04:00
i386 vmmouse: use explicit code 2023-09-12 10:37:02 +04:00
ide hw/ide/ahci: fix broken SError handling 2023-09-06 22:48:04 -04:00
input vhost-user: fully use new backend/frontend naming 2023-06-26 09:50:00 -04:00
intc First RISC-V PR for 8.2 2023-09-11 09:12:12 -04:00
ipack meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
ipmi meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
isa hw/isa/vt82c686: Remove via_isa_set_irq() 2023-07-11 00:11:25 +02:00
loongarch hw/loongarch: Fix ACPI processor id off-by-one error 2023-08-24 16:58:16 +08:00
m68k hw: Add compat machines for 8.2 2023-08-23 12:06:39 +02:00
mem memory-device: Track used region size in DeviceMemoryState 2023-07-12 09:25:37 +02:00
microblaze trivial: Simplify the spots that use TARGET_BIG_ENDIAN as a numeric value 2023-09-08 13:08:52 +03:00
mips trivial: Simplify the spots that use TARGET_BIG_ENDIAN as a numeric value 2023-09-08 13:08:52 +03:00
misc hw/misc: Introduce a model of Xilinx Versal's CFRAME_BCAST_REG 2023-09-08 16:41:35 +01:00
net hw/net/fsl_etsec/rings.c: Avoid variable length array 2023-09-18 14:36:13 +08:00
nios2 trivial: Simplify the spots that use TARGET_BIG_ENDIAN as a numeric value 2023-09-08 13:08:52 +03:00
nubus trace-events: Fix the name of the tracing.rst file 2023-09-08 13:08:51 +03:00
nvme hw/nvme updates 2023-09-13 13:41:09 -04:00
nvram hw/nvram: Avoid unnecessary Xilinx eFuse backstore write 2023-07-17 11:05:52 +01:00
openrisc *: Add missing includes of qemu/error-report.h 2023-03-22 15:06:57 +00:00
pci pci: Fix the update of interrupt disable bit in PCI_COMMAND register 2023-08-11 12:15:24 -04:00
pci-bridge hw/pci-bridge/cxl_upstream.c: Use g_new0() in build_cdat_table() 2023-08-03 16:06:49 -04:00
pci-host hw/pci-host: Allow extended config space access for Designware PCIe host 2023-08-11 12:15:24 -04:00
pcmcia meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
ppc hw/ppc: use g_free() in spapr_tce_table_post_load() 2023-09-08 13:08:52 +03:00
rdma meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
remote exec/memory: Add symbol for memory listener priority for device backend 2023-06-28 14:27:59 +02:00
riscv hw/riscv/virt.c: fix non-KVM --enable-debug build 2023-09-11 11:45:55 +10:00
rtc hw/rtc/aspeed_rtc: Use 64-bit offset for holding time_t difference 2023-08-31 09:45:18 +01:00
rx bulk: Remove pointless QOM casts 2023-06-05 20:48:34 +02:00
s390x s390x: do a subsystem reset before the unprotect on reboot 2023-09-12 11:13:33 +02:00
scsi scsi: clear unit attention only for REPORT LUNS commands 2023-07-14 11:10:58 +02:00
sd aspeed queue: 2023-09-06 11:14:55 -04:00
sensor hw/i2c: spelling fixes 2023-08-31 19:47:43 +02:00
sh4 hw/sh4: Use MachineClass->default_nic in the sh4 r2d machine 2023-05-22 09:44:48 +02:00
smbios hw/smbios: Fix core count in type4 2023-07-10 16:17:08 -04:00
sparc other architectures: spelling fixes 2023-07-25 17:14:07 +03:00
sparc64 hw/pci/pci: Remove multifunction parameter from pci_new_multifunction() 2023-07-10 18:59:32 -04:00
ssi hw/ssi: Check for duplicate CS indexes 2023-09-01 11:40:04 +02:00
timer meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
tpm hw/tpm: TIS on sysbus: Remove unsupport ppi command line option 2023-07-14 11:31:54 -04:00
tricore
ufs hw/ufs: Support for UFS logical unit 2023-09-07 14:01:29 -04:00
usb hw/usb/hcd-xhci: Avoid variable-length array in xhci_get_port_bandwidth() 2023-08-31 19:47:43 +02:00
vfio vfio/common: Separate vfio-pci ranges 2023-09-11 08:34:06 +02:00
virtio virtio: Drop out of coroutine context in virtio_load() 2023-09-08 17:03:09 +02:00
watchdog meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
xen xen: spelling fix 2023-09-08 13:08:52 +03:00
xenpv hw/xenpv: Initialize Xen backend operations 2023-03-24 14:52:14 +00:00
xtensa trivial: Simplify the spots that use TARGET_BIG_ENDIAN as a numeric value 2023-09-08 13:08:52 +03:00
Kconfig hw/ufs: Initial commit for emulated Universal-Flash-Storage 2023-09-07 14:01:29 -04:00
meson.build hw/ufs: Initial commit for emulated Universal-Flash-Storage 2023-09-07 14:01:29 -04:00