qemu-e2k

History

Peter Maydell 6c4f984463 hw/xen/xen_pt_graphics: Don't trust the BIOS ROM contents so much Coverity (CID 796599) points out that xen_pt_setup_vga() trusts the rom->size field in the BIOS ROM from a PCI passthrough VGA device, and uses it as an index into the memory which contains the BIOS image. A corrupt BIOS ROM could therefore cause us to index off the end of the buffer. Check that the size is within bounds before we use it. We are also trusting the pcioffset field, and assuming that the whole rom_header is present; Coverity doesn't notice these, but check them too. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Acked-by: Anthony PERARD <anthony.perard@citrix.com> Signed-off-by: Anthony PERARD <anthony.perard@citrix.com>		2019-01-14 13:45:40 +00:00
..
Makefile.objs
trace-events
xen_backend.c	xen_backend: remove xen_sysdev_init() function	2018-12-13 13:48:02 +00:00
xen_devconfig.c	avoid TABs in files that only contain a few	2019-01-11 15:46:56 +01:00
xen_pt_config_init.c	xen: Use the PCI_DEVICE macro	2018-10-26 17:17:32 +02:00
xen_pt_graphics.c	hw/xen/xen_pt_graphics: Don't trust the BIOS ROM contents so much	2019-01-14 13:45:40 +00:00
xen_pt_load_rom.c
xen_pt_msi.c
xen_pt.c	xen/pt: Fix incomplete conversion to realize()	2018-10-19 14:51:34 +02:00
xen_pt.h
xen_pvdev.c	qemu/queue.h: leave head structs anonymous unless necessary	2019-01-11 15:46:55 +01:00
xen-common.c	machine: Use shorter format for GlobalProperty arrays	2019-01-09 22:10:00 -02:00
xen-host-pci-device.c
xen-host-pci-device.h