OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
QEMU With E2K User Support
33,788 Commits 9 Branches 0 Tags 459 MiB
C 83.1%
C++ 6.3%
Python 3.2%
Dylan 2.8%
Shell 1.6%
Other 2.8%
68716da745
Go to file
Stefan Weil 68716da745 apb: Fix out-of-bounds array write access 
The array regs is declared with IOMMU_NREGS (3) elements and accessed
using IOMMU_CTRL (0) and IOMMU_BASE (8). In most cases, those values
are right shifted before being used as an index which results in indices
0 and 1. In one case, this right shift was missing for IOMMU_BASE which
results in an out-of-bounds write access with index 8.

The patch adds the missing shift operation also for IOMMU_CTRL where
it is needed only for cosmetic reasons.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Signed-off-by: Mark Cave-Ayland <mark.cave-ayland@ilande.co.uk>
2014-06-20 23:52:49 +01:00
audio
backends
block
bsd-user
default-configs
disas
docs
dtc@bc895d6d09
fpu
fsdev
gdb-xml
hw
include
libcacard
libdecnumber
linux-headers
linux-user
net
pc-bios
pixman@97336fad32
po
qapi
qga
qobject
qom
roms
scripts
slirp
stubs
sysconfigs/target
target-alpha
target-arm
target-cris
target-i386
target-lm32
target-m68k
target-microblaze
target-mips
target-moxie
target-openrisc
target-ppc
target-s390x
target-sh4
target-sparc
target-unicore32
target-xtensa
tcg
tests
trace
ui
util
.exrc
.gitignore
.gitmodules
.mailmap
.travis.yml
aio-posix.c
aio-win32.c
arch_init.c
async.c
balloon.c
block-migration.c
block.c
blockdev-nbd.c
blockdev.c
blockjob.c
bt-host.c
bt-vhci.c
Changelog
CODING_STYLE
configure
COPYING
COPYING.LIB
coroutine-gthread.c
coroutine-sigaltstack.c
coroutine-ucontext.c
coroutine-win32.c
cpu-exec.c
cpus.c
cputlb.c
device_tree.c
device-hotplug.c
disas.c
dma-helpers.c
dump.c
exec.c
gdbstub.c
HACKING
hmp-commands.hx
hmp.c
hmp.h
iohandler.c
ioport.c
iothread.c
kvm-all.c
kvm-stub.c
LICENSE
main-loop.c
MAINTAINERS
Makefile
Makefile.objs
Makefile.target
memory_mapping.c
memory.c
migration-exec.c
migration-fd.c
migration-rdma.c
migration-tcp.c
migration-unix.c
migration.c
module-common.c
monitor.c
nbd.c
numa.c
os-posix.c
os-win32.c
page_cache.c
qapi-schema.json
qdev-monitor.c
qdict-test-data.txt
qemu-bridge-helper.c
qemu-char.c
qemu-coroutine-io.c
qemu-coroutine-lock.c
qemu-coroutine-sleep.c
qemu-coroutine.c
qemu-doc.texi
qemu-file.c
qemu-img-cmds.hx
qemu-img.c
qemu-img.texi
qemu-io-cmds.c
qemu-io.c
qemu-log.c
qemu-nbd.c
qemu-nbd.texi
qemu-options-wrapper.h
qemu-options.h
qemu-options.hx
qemu-seccomp.c
qemu-tech.texi
qemu-timer.c
qemu.nsi
qemu.sasl
qmp-commands.hx
qmp.c
qtest.c
README
rules.mak
savevm.c
softmmu_template.h
spice-qemu-char.c
tcg-runtime.c
tci.c
thread-pool.c
thunk.c
tpm.c
trace-events
translate-all.c
translate-all.h
user-exec.c
VERSION
version.rc
vl.c
vmstate.c
xbzrle.c
xen-common-stub.c
xen-common.c
xen-hvm-stub.c
xen-hvm.c
xen-mapcache.c

README 

Read the documentation in qemu-doc.html or on http://wiki.qemu-project.org

- QEMU team