OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
32,785 Commits 9 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Kevin Wolf 42eb58179b qcow1: Validate L2 table size (CVE-2014-0222) 
Too large L2 table sizes cause unbounded allocations. Images actually
created by qemu-img only have 512 byte or 4k L2 tables.

To keep things consistent with cluster sizes, allow ranges between 512
bytes and 64k (in fact, down to 1 entry = 8 bytes is technically
working, but L2 table sizes smaller than a cluster don't make a lot of
sense).

This also means that the number of bytes on the virtual disk that are
described by the same L2 table is limited to at most 8k * 64k or 2^29,
preventively avoiding any integer overflows.

Cc: qemu-stable@nongnu.org
Signed-off-by: Kevin Wolf <kwolf@redhat.com>
Reviewed-by: Benoit Canet <benoit@irqsave.net>
2014-05-19 11:36:49 +02:00
audio
savevm: Remove all the unneeded version_minimum_id_old (rest)
2014-05-14 15:24:51 +02:00
backends
build: convert some obj-specific CFLAGS to use new foo.o-cflags syntax
2014-05-08 15:27:49 +02:00
block
qcow1: Validate L2 table size (CVE-2014-0222)
2014-05-19 11:36:49 +02:00
bsd-user
Merge remote-tracking branch 'remotes/kvm/uq/master' into staging
2014-05-15 15:38:40 +01:00
default-configs
usb: mtp filesharing
2014-04-23 10:28:14 +02:00
disas
disas/libvixl: Update to libvixl 1.4
2014-05-13 16:09:35 +01:00
docs
savevm: Remove all the unneeded version_minimum_id_old (rest)
2014-05-14 15:24:51 +02:00
dtc @ bc895d6d09
fpu
softfloat: Introduce float32_to_uint64_round_to_zero
2014-04-08 11:20:00 +02:00
fsdev
virtfs-proxy-helper: fix call to accept
2014-04-28 08:55:32 +04:00
gdb-xml
target-arm: Support fp registers in gdb stub
2013-12-17 19:42:32 +00:00
hw
virtio update
2014-05-15 18:01:47 +01:00
include
qdict: Add qdict_join()
2014-05-19 11:36:48 +02:00
libcacard
libcacard: remove libcacard-specific CFLAGS and LIBS from global vars
2014-05-09 22:59:40 +02:00
linux-headers
linux-headers update
2014-04-25 12:59:57 +02:00
linux-user
target-i386: the x86 CPL is stored in CS.selector - auto update hflags accordingly.
2014-05-13 13:12:40 +02:00
net
trivial patches for 2014-04-28
2014-04-28 13:43:17 +01:00
pc-bios
ipxe: update to current git
2014-05-15 14:24:05 +02:00
pixman @ 97336fad32
po
po: add proper Language: tags to .po files
2014-04-28 08:55:32 +04:00
qapi
Revert "qapi: Clean up superfluous null check in qapi_dealloc_type_str()"
2014-05-09 09:11:32 -04:00
qga
qga: Drop superfluous error_is_set()
2014-05-09 09:11:31 -04:00
qobject
qdict: Add qdict_join()
2014-05-19 11:36:48 +02:00
qom
qerror.h: Remove QERR defines that are only used once
2014-04-25 09:19:59 -04:00
roms
ipxe: update to current git
2014-05-15 14:24:05 +02:00
scripts
Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging
2014-05-09 15:46:34 +01:00
slirp
slirp: Remove default_mon usage
2014-04-25 09:19:58 -04:00
stubs
qerror.h: Replace QERR_NOT_SUPPORTED with QERR_UNSUPPORTED
2014-04-25 09:19:59 -04:00
sysconfigs/target
target-alpha
savevm: Remove all the unneeded version_minimum_id_old (rest)
2014-05-14 15:24:51 +02:00
target-arm
target-arm queue:
2014-05-15 16:24:12 +01:00
target-cris
cputlb: Change tlb_set_page() argument to CPUState
2014-03-13 19:52:47 +01:00
target-i386
Merge remote-tracking branch 'remotes/kvm/uq/master' into staging
2014-05-15 15:38:40 +01:00
target-lm32
savevm: Remove all the unneeded version_minimum_id_old (rest)
2014-05-14 15:24:51 +02:00
target-m68k
cputlb: Change tlb_set_page() argument to CPUState
2014-03-13 19:52:47 +01:00
target-microblaze
microblaze: Respect the reset vector
2014-05-13 09:12:40 +10:00
target-mips
target-mips: Avoid shifting left into sign bit
2014-03-27 19:22:49 +04:00
target-moxie
savevm: Remove all the unneeded version_minimum_id_old (rest)
2014-05-14 15:24:51 +02:00
target-openrisc
savevm: Remove all the unneeded version_minimum_id_old (rest)
2014-05-14 15:24:51 +02:00
target-ppc
cpu: make CPU_INTERRUPT_RESET available on all targets
2014-05-13 13:21:51 +02:00
target-s390x
kvm: reset state from the CPU's reset method
2014-05-13 13:12:40 +02:00
target-sh4
cputlb: Change tlb_set_page() argument to CPUState
2014-03-13 19:52:47 +01:00
target-sparc
target-sparc: fix 32bit integer division overflow
2014-03-26 23:40:40 +00:00
target-unicore32
cputlb: Change tlb_set_page() argument to CPUState
2014-03-13 19:52:47 +01:00
target-xtensa
cputlb: Change tlb_set_page() argument to CPUState
2014-03-13 19:52:47 +01:00
tcg
tcg-s390: Implement direct chaining of TBs
2014-05-15 09:22:32 -07:00
tests
qcow1: Validate L2 table size (CVE-2014-0222)
2014-05-19 11:36:49 +02:00
trace
trace: [tracetool] Minimize the amount of per-backend code
2014-05-07 19:07:18 +02:00
ui
build: convert some obj-specific CFLAGS to use new foo.o-cflags syntax
2014-05-08 15:27:49 +02:00
util
savevm: Remove all the unneeded version_minimum_id_old (arm)
2014-05-13 16:09:35 +01:00
.exrc
.gitignore
gitignore: cleanups #2
2014-04-28 08:55:31 +04:00
.gitmodules
Add OpenHack'Ware submodule
2014-03-12 17:26:32 +01:00
.mailmap
.travis.yml
.travis.yml: add IRC notifications for build failures
2014-03-15 13:54:18 +04:00
aio-posix.c
aio: make aio_poll(ctx, true) block with no fds
2013-12-06 16:53:51 +01:00
aio-win32.c
aio: make aio_poll(ctx, true) block with no fds
2013-12-06 16:53:51 +01:00
arch_init.c
Split ram_save_block
2014-05-14 15:24:51 +02:00
async.c
aio: add aio_context_acquire() and aio_context_release()
2014-03-13 14:42:24 +01:00
balloon.c
block-migration.c
block: Handle error of bdrv_getlength in bdrv_create_dirty_bitmap
2014-04-22 11:57:02 +02:00
block.c
block: Allow JSON filenames
2014-05-19 11:36:49 +02:00
blockdev-nbd.c
blockdev.c
Merge remote-tracking branch 'remotes/qmp-unstable/queue/qmp' into staging
2014-04-28 12:56:34 +01:00
blockjob.c
qerror.h: Replace QERR_NOT_SUPPORTED with QERR_UNSUPPORTED
2014-04-25 09:19:59 -04:00
bt-host.c
bt-vhci.c
Changelog
Use qemu-project.org domain name
2013-10-11 09:34:56 -07:00
CODING_STYLE
CODING_STYLE: Section about mixed declarations
2014-03-27 19:22:49 +04:00
configure
tcg/s390 updates
2014-05-15 18:56:08 +01:00
COPYING
COPYING.LIB
coroutine-gthread.c
do not call g_thread_init() for glib >= 2.31
2014-05-07 21:00:43 +04:00
coroutine-sigaltstack.c
coroutine-ucontext.c
coroutine-win32.c
cpu-exec.c
cpu: make CPU_INTERRUPT_RESET available on all targets
2014-05-13 13:21:51 +02:00
cpus.c
savevm: Remove all the unneeded version_minimum_id_old (rest)
2014-05-14 15:24:51 +02:00
cputlb.c
cputlb: Change tlb_set_page() argument to CPUState
2014-03-13 19:52:47 +01:00
device_tree.c
device_tree: qemu_fdt_setprop: Rename val_array arg
2013-12-20 01:58:12 +01:00
device-hotplug.c
machine: Remove QEMUMachine indirection from MachineClass
2014-05-05 19:08:49 +02:00
disas.c
disas: Implement disassembly output for A64
2014-02-08 14:50:48 +00:00
dma-helpers.c
dma-helpers: Initialize DMAAIOCB in_cancel flag
2014-04-04 19:36:39 +02:00
dump.c
dump: Drop pointless error_is_set(), DumpState member errp
2014-05-09 09:11:32 -04:00
exec.c
savevm: Remove all the unneeded version_minimum_id_old (rest)
2014-05-14 15:24:51 +02:00
gdbstub.c
exec: Change cpu_breakpoint_{insert,remove{,_by_ref,_all}} argument
2014-03-13 19:20:48 +01:00
HACKING
hmp-commands.hx
HMP: support specifying dump format for dump-guest-memory
2014-04-25 11:18:33 -04:00
hmp.c
hmp: Guard against misuse of hmp_handle_error()
2014-05-09 09:11:31 -04:00
hmp.h
monitor: Add device_add and device_del completion.
2014-04-25 09:37:12 -04:00
iohandler.c
ioport.c
portio: Allow to mark portio lists as coalesced MMIO flushing
2013-10-17 17:24:15 +02:00
iothread.c
iothread: make IOThread struct definition public
2014-04-04 20:48:02 +02:00
kvm-all.c
kvm: reset state from the CPU's reset method
2014-05-13 13:12:40 +02:00
kvm-stub.c
machine: Replace QEMUMachine by MachineClass in accelerator configuration
2014-05-05 19:08:49 +02:00
LICENSE
main-loop.c
main-loop: Suppress "I/O thread spun" warnings for qtest
2014-03-13 21:36:50 +01:00
MAINTAINERS
pc,net,MAINTAINERS,build updates
2014-05-07 17:16:03 +01:00
Makefile
Merge remote-tracking branch 'remotes/bonzini/configure' into staging
2014-05-13 11:30:07 +01:00
Makefile.objs
libcacard: remove libcacard-specific CFLAGS and LIBS from global vars
2014-05-09 22:59:40 +02:00
Makefile.target
Makefile.target: use $(INSTALL_PROG) for installing, not $(INSTALL)
2014-05-08 15:09:04 +02:00
memory_mapping.c
memory.c
memory_region_present: return false if address is not found in child MemoryRegion
2014-03-09 21:09:37 +02:00
migration-exec.c
migration-fd.c
migration-rdma.c
rdma: rename 'x-rdma' => 'rdma'
2014-02-25 14:30:28 +01:00
migration-tcp.c
Coverity: Fix failure path for qemu_accept in migration
2014-05-05 22:15:03 +02:00
migration-unix.c
Coverity: Fix failure path for qemu_accept in migration
2014-05-05 22:15:03 +02:00
migration.c
migration: show average throughput when migration finishes
2014-05-14 15:24:52 +02:00
module-common.c
module: implement module loading
2014-02-20 13:14:18 +01:00
monitor.c
monitor: add Error-propagating monitor_handle_fd_param2()
2014-05-08 14:19:58 -04:00
nbd.c
nbd: move socket wrappers to qemu-nbd
2014-02-21 21:02:23 +01:00
os-posix.c
oslib-posix: Fix build on FreeBSD
2014-03-13 14:34:16 +00:00
os-win32.c
util: Split out exec_dir from os_find_datadir
2014-02-20 13:12:54 +01:00
page_cache.c
Fix two XBZRLE corruption issues
2014-02-25 14:30:28 +01:00
qapi-schema.json
migration: expose xbzrle cache miss rate
2014-05-05 22:15:03 +02:00
qdev-monitor.c
qdev: Fix crash by validating the object type
2014-05-05 19:08:49 +02:00
qdict-test-data.txt
qemu-bridge-helper.c
qemu-char.c
char: restore read callback on a reattached (hotplug) chardev
2014-03-13 10:33:45 +01:00
qemu-coroutine-io.c
qemu-coroutine-lock.c
coroutine: remove qemu_co_queue_wait_insert_head
2013-12-02 17:11:49 +01:00
qemu-coroutine-sleep.c
coroutine: add co_aio_sleep_ns() to allow sleep in block drivers
2013-10-30 12:22:09 +01:00
qemu-coroutine.c
qemu-doc.texi
doc: grammify "allows to"
2014-04-18 10:33:36 +04:00
qemu-file.c
Make qemu_peek_buffer loop until it gets it's data
2014-05-05 22:15:03 +02:00
qemu-img-cmds.hx
qemu-img: add -l for snapshot in convert
2013-12-04 15:19:00 +01:00
qemu-img.c
Remove g_sequence_lookup from qemu-img help function
2014-05-19 11:36:48 +02:00
qemu-img.texi
Describe flaws in qcow/qcow2 encryption in the docs
2014-01-31 22:05:03 +01:00
qemu-io-cmds.c
qemu-io-cmds: Fixed typo in example for writev.
2014-03-19 09:39:41 +01:00
qemu-io.c
block: Add errp to bdrv_new()
2014-04-22 12:00:20 +02:00
qemu-log.c
qemu-nbd.c
block: Add errp to bdrv_new()
2014-04-22 12:00:20 +02:00
qemu-nbd.texi
qemu-nbd: add doc for option -f
2013-12-04 15:19:00 +01:00
qemu-options-wrapper.h
qemu-options.h
qemu-options.hx
curl: Add usage documentation
2014-05-19 11:36:49 +02:00
qemu-seccomp.c
seccomp: add shmctl(), mlock(), and munlock() to the syscall whitelist
2014-04-25 14:52:03 -03:00
qemu-tech.texi
qemu-timer.c
vl.c: remove init_clocks call from main
2014-05-09 20:57:32 +02:00
qemu.nsi
nsis: Improved support for parallel installation of 32 and 64 bit code
2013-11-07 07:02:44 +01:00
qemu.sasl
sasl: Avoid 'Could not find keytab file' in syslog
2014-03-15 13:54:18 +04:00
qmp-commands.hx
qmp: use valid JSON in transaction example
2014-05-09 09:11:32 -04:00
qmp.c
qmp: Don't use error_is_set() to suppress additional errors
2014-05-09 09:11:32 -04:00
qtest.c
machine: Replace QEMUMachine by MachineClass in accelerator configuration
2014-05-05 19:08:49 +02:00
README
Use qemu-project.org domain name
2013-10-11 09:34:56 -07:00
rules.mak
build: simplify and fix fix-obj-vars
2014-05-09 22:59:40 +02:00
savevm.c
qerror.h: Remove QERR defines that are only used once
2014-04-25 09:19:59 -04:00
spice-qemu-char.c
spice: hook qemu_chr_fe_set_open() event to ports
2014-02-03 11:05:15 +01:00
tcg-runtime.c
tci.c
tci: Mask shift counts to avoid undefined behavior
2014-04-18 16:57:36 -07:00
thread-pool.c
Add a 'name' parameter to qemu_thread_create
2014-03-09 21:09:38 +02:00
thunk.c
tpm.c
Use error_is_set() only when necessary
2014-02-17 11:57:23 -05:00
trace-events
kvm: make one_reg helpers available for everyone
2014-05-13 13:11:08 +02:00
translate-all.c
tcg: Define tcg_insn_unit for code pointers
2014-05-12 10:03:04 -07:00
translate-all.h
translate-all: Change tb_check_watchpoint() argument to CPUState
2014-03-13 19:20:48 +01:00
user-exec.c
tcg-aarch64: Properly detect SIGSEGV writes
2014-04-16 12:12:32 -04:00
VERSION
Open 2.1 development tree
2014-04-17 20:39:32 +01:00
version.rc
Use qemu-project.org domain name
2013-10-11 09:34:56 -07:00
vl.c
vl.c: remove init_clocks call from main
2014-05-09 20:57:32 +02:00
vmstate.c
savevm: Ignore minimum_version_id_old if there is no load_state_old
2014-05-05 22:15:03 +02:00
xbzrle.c
xbzrle.c: Avoid undefined behaviour with signed arithmetic
2014-04-18 10:33:36 +04:00
xen-common-stub.c
xen: factor out common functions
2014-05-07 16:16:43 +00:00
xen-common.c
xen: factor out common functions
2014-05-07 16:16:43 +00:00
xen-hvm-stub.c
xen: factor out common functions
2014-05-07 16:16:43 +00:00
xen-hvm.c
pass an inclusive address range to xc_domain_pin_memory_cacheattr
2014-05-07 16:17:57 +00:00
xen-mapcache.c

README 

Read the documentation in qemu-doc.html or on http://wiki.qemu-project.org

- QEMU team
Description
QEMU With E2K User Support
Readme 459 MiB
Languages
C 83.1%
C++ 6.3%
Python 3.2%
Dylan 2.8%
Shell 1.6%
Other 2.8%