qemu-e2k

History

Gerd Hoffmann b946434f26 usb: fix setup_len init (CVE-2020-14364) Store calculated setup_len in a local variable, verify it, and only write it to the struct (USBDevice->setup_len) in case it passed the sanity checks. This prevents other code (do_token_{in,out} functions specifically) from working with invalid USBDevice->setup_len values and overrunning the USBDevice->setup_buf[] buffer. Fixes: CVE-2020-14364 Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> Tested-by: Gonglei <arei.gonglei@huawei.com> Reviewed-by: Li Qiang <liq3ea@gmail.com> Message-id: 20200825053636.29648-1-kraxel@redhat.com		2020-08-31 08:23:39 +02:00
..
bus.c	error: Eliminate error_propagate() manually	2020-07-10 15:18:08 +02:00
ccid-card-emulated.c
ccid-card-passthru.c
ccid.h
chipidea.c
combined-packet.c
core.c	usb: fix setup_len init (CVE-2020-14364)	2020-08-31 08:23:39 +02:00
desc-msos.c
desc.c
desc.h
dev-audio.c
dev-hid.c	hw/usb: Regroup USB HID protocol values	2020-08-31 08:10:47 +02:00
dev-hub.c
dev-mtp.c
dev-network.c
dev-serial.c
dev-smartcard-reader.c
dev-storage.c	usb: fix storage regression	2020-07-16 10:20:27 +02:00
dev-uas.c
dev-wacom.c	hw/usb: Regroup USB HID protocol values	2020-08-31 08:10:47 +02:00
hcd-dwc2.c	hcd-dwc2: Rename USB_*CLASS macros for consistency	2020-08-27 14:04:54 -04:00
hcd-dwc2.h	hcd-dwc2: Rename USB_*CLASS macros for consistency	2020-08-27 14:04:54 -04:00
hcd-ehci-pci.c
hcd-ehci-sysbus.c
hcd-ehci.c	ehci: drop pointless warn_report for guest bugs.	2020-08-31 08:10:47 +02:00
hcd-ehci.h
hcd-musb.c
hcd-ohci-pci.c
hcd-ohci.c
hcd-ohci.h
hcd-uhci.c
hcd-xhci-nec.c
hcd-xhci.c	hw: xhci: check return value of 'usb_packet_map'	2020-08-31 08:10:47 +02:00
hcd-xhci.h
host-libusb.c	usb-host: workaround libusb bug	2020-08-31 08:23:39 +02:00
host-stub.c
host.h
imx-usb-phy.c
Kconfig	meson: Add U2F key to meson	2020-08-31 08:23:10 +02:00
libhw.c
meson.build	hw/usb: Add U2F device autoscan to passthru mode	2020-08-31 08:23:39 +02:00
quirks-ftdi-ids.h
quirks-pl2303-ids.h
quirks.c
quirks.h
redirect.c
trace-events
trace.h	trace: switch position of headers to what Meson requires	2020-08-21 06:18:24 -04:00
tusb6010.c
u2f-emulated.c	hw/usb: Add U2F key emulated mode	2020-08-31 08:10:47 +02:00
u2f-passthru.c	hw/usb: Add U2F device autoscan to passthru mode	2020-08-31 08:23:39 +02:00
u2f.c	hw/usb: Add U2F key base class implementation	2020-08-31 08:10:47 +02:00
u2f.h	hw/usb: Add U2F key base class	2020-08-31 08:10:47 +02:00
xen-usb.c