OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
834fe28ddf
qemu-e2k/hw/bt
History
Paolo Bonzini 141af038dd bt: rewrite csrhci_write to avoid out-of-bounds writes 
The usage of INT_MAX in this function confuses Coverity.  I think
the defect is bogus, however there is no protection against
getting more than sizeof(s->inpkt) bytes from the character device
backend.

Rewrite the function to only fill in as much data as needed from
buf into s->inpkt.  The plen variable is replaced by a simple
state machine and there is no need anymore to shift contents to
the beginning of s->inpkt.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2016-05-29 09:11:11 +02:00
..
core.c hw: Clean up includes 2016-01-29 15:07:25 +00:00
hci-csr.c bt: rewrite csrhci_write to avoid out-of-bounds writes 2016-05-29 09:11:11 +02:00
hci.c util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
hid.c hw: Clean up includes 2016-01-29 15:07:25 +00:00
l2cap.c qemu-common: stop including qemu/bswap.h from qemu-common.h 2016-05-19 16:42:28 +02:00
Makefile.objs hw: move target-independent files to subdirectories 2013-04-08 18:13:12 +02:00
sdp.c qemu-common: stop including qemu/host-utils.h from qemu-common.h 2016-05-19 16:42:28 +02:00