OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
147482ae35
qemu-e2k/hw/sd
History
Alistair Francis 9201bb9a8c sdhci.c: Limit the maximum block size 
It is possible for the guest to set an invalid block
size which is larger then the fifo_buffer[] array. This
could cause a buffer overflow.

To avoid this limit the maximum size of the blksize variable.

Signed-off-by: Alistair Francis <alistair.francis@xilinx.com>
Reported-by: Intel Security ATR <secure@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Message-id: abe4c51f513290bbb85d1ee271cb1a3d463d7561.1444067470.git.alistair.francis@xilinx.com
Suggested-by: Igor Mitsyanko <i.mitsyanko@gmail.com>
Reported-by: Intel Security ATR <secure@intel.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2015-10-12 11:17:45 +01:00
..
Makefile.objs hw: move SD/MMC devices to hw/sd/, configure with default-configs/ 2013-04-08 18:13:14 +02:00
milkymist-memcard.c sysbus: Make devices picking up backends unavailable with -device 2015-04-02 15:30:44 +02:00
omap_mmc.c arm: Use g_new() & friends where that makes obvious sense 2015-09-07 10:39:27 +01:00
pl181.c typofixes - v4 2015-09-11 10:45:43 +03:00
pxa2xx_mmci.c hw/sd/pxa2xx_mmci: Stop using old_mmio in MemoryRegionOps 2015-06-15 18:06:09 +01:00
sd.c sdhci: Pass drive parameter to sdhci-pci via qdev property 2015-10-12 09:21:10 +01:00
sdhci.c sdhci.c: Limit the maximum block size 2015-10-12 11:17:45 +01:00
sdhci.h sdhci: Pass drive parameter to sdhci-pci via qdev property 2015-10-12 09:21:10 +01:00
ssi-sd.c hw: Mark devices picking up block backends actively FIXME 2015-04-02 15:26:27 +02:00