OpenE2K
/
qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
qemu-e2k/hw
History
Paolo Bonzini 9feb8adeaa vt82c686: avoid out-of-bounds read 
superio_ioport_readb can read the 256th element of the array.
Coverity reports an out-of-bounds write in superio_ioport_writeb,
but it does not show the corresponding out-of-bounds read
because it cannot prove that it can happen.  Fix the root
cause of the problem (zhanghailang's patch instead fixes
the logic in superio_ioport_writeb).

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Cc: qemu-stable@nongnu.org
 		2015-01-15 10:44:13 +03:00
..
9pfs 9pfs: changed to use event_notifier instead of qemu_pipe 2015-01-09 23:41:11 +01:00
acpi pc: piix4_pm: init legacy PCI hotplug when running on Xen 2014-11-14 11:11:44 +00:00
alpha ide: Update ide_drive_get to be HBA agnostic 2014-10-03 10:30:33 +01:00
arm hw/usb: simplified usb_enabled 2015-01-08 17:32:27 +00:00
audio ac97: register reset via qom 2014-09-29 10:20:05 +02:00
block NVMe: Set correct VS Value for 1.1 Compliant Controllers 2015-01-13 13:43:29 +00:00
bt l2cap: fix access to freed memory 2014-08-15 19:12:48 +04:00
char Migration fix for virtio-serial devices on bi-endian targets by David 2015-01-09 17:59:16 +00:00
core pc: resizeable ROM blocks 2015-01-10 21:02:23 +00:00
cpu icc_bus: fix typo ICC_BRIGDE -> ICC_BRIDGE 2014-11-03 19:51:56 +03:00
cris hw: Convert from BlockDriverState to BlockBackend, mostly 2014-10-20 14:02:25 +02:00
display cirrus hwcursor fixes. 2014-12-17 19:22:42 +00:00
dma hw/dma/i8257: Silence phony error message 2014-09-16 12:35:02 +02:00
gpio PPC: Add MPC8XXX gpio controller 2014-11-04 23:26:12 +01:00
i2c Fix debug print warning 2014-09-02 22:38:16 +04:00
i386 pc: resizeable ROM blocks 2015-01-10 21:02:23 +00:00
ide ide: Implement VPD response for ATAPI 2015-01-13 13:43:29 +00:00
input More migration fixes and more record/replay preparations. Also moves 2015-01-09 16:29:36 +00:00
intc - Migration and linuxboot fixes for 2.2 regressions 2014-12-15 16:43:42 +00:00
ipack memory: remove memory_region_destroy 2014-08-18 12:06:21 +02:00
isa vt82c686: avoid out-of-bounds read 2015-01-15 10:44:13 +03:00
lm32 acpi-build: make ROMs RAM blocks resizeable 2015-01-08 13:17:55 +02:00
m68k hw/core/loader: implement address translation in uimage loader 2014-11-03 00:59:10 +03:00
mem pc: pc-dimm: use backend alignment during address auto allocation 2014-11-23 12:12:46 +02:00
microblaze hw/core/loader: implement address translation in uimage loader 2014-11-03 00:59:10 +03:00
mips mips_mipssim: fix use-after-free for filename 2014-11-17 11:41:03 +01:00
misc vfio: move hw/misc/vfio.c to hw/vfio/pci.c Move vfio.h into include/hw/vfio 2014-12-19 15:24:06 -07:00
moxie memory: add parameter errp to memory_region_init_ram 2014-09-09 13:41:43 +02:00
net hw/net/xen_nic.c: Set 'netdev->mac' to NULL after free it 2015-01-12 10:16:23 +00:00
nvram fw_cfg_mem: expose the "data_width" property with fw_cfg_init_mem_wide() 2014-12-22 23:39:18 +00:00
openrisc hw/core/loader: implement address translation in uimage loader 2014-11-03 00:59:10 +03:00
pci pcie: fix improper use of negative value 2014-11-24 20:57:11 +02:00
pci-bridge qdev: HotplugHandler: Rename unplug callback to unplug_request 2014-10-15 05:03:13 +02:00
pci-host PPC: e500 pci host: Add support for ATMUs 2015-01-07 16:16:24 +01:00
pcmcia hmp: Remove "info pcmcia" 2014-10-24 12:19:11 +01:00
ppc hw/ppc/mac_newworld: simplify usb controller creation logic 2015-01-08 17:32:27 +00:00
s390x s390: implement pci instructions 2015-01-12 10:14:04 +01:00
scsi scsi: fix cancellation when I/O was completed but DMA was not. 2015-01-14 10:38:57 +01:00
sd sdhci: Support SDHCI devices on PCI 2014-12-15 17:34:44 +01:00
sh4 hw: Convert from BlockDriverState to BlockBackend, mostly 2014-10-20 14:02:25 +02:00
sparc fw_cfg: move boards to fw_cfg_init_io() / fw_cfg_init_mem() 2014-12-22 23:39:15 +00:00
sparc64 fw_cfg: move boards to fw_cfg_init_io() / fw_cfg_init_mem() 2014-12-22 23:39:15 +00:00
ssi ssi: xilinx_spi: Initialise CS GPIOs as NULL 2014-08-15 18:54:40 +04:00
timer hpet: increase spelling precision 2014-12-11 20:57:11 +03:00
tpm Drop superfluous conditionals around g_strdup() 2014-12-10 11:30:55 +03:00
tricore target-tricore: check return value before using it 2014-11-02 10:04:34 +03:00
unicore32 memory: add parameter errp to memory_region_init_ram 2014-09-09 13:41:43 +02:00
usb usb: delete redundant brackets in usb_host_handle_control() 2014-12-10 11:24:35 +03:00
vfio vfio-pci: Fix interrupt disabling 2015-01-09 08:50:53 -07:00
virtio virtio-rng: fix check for period_ms validity 2015-01-05 14:02:47 +05:30
watchdog memory: remove memory_region_destroy 2014-08-18 12:06:21 +02:00
xen xen-pt: Fix PCI devices re-attach failed 2015-01-13 11:49:46 +00:00
xenpv hw: Convert from BlockDriverState to BlockBackend, mostly 2014-10-20 14:02:25 +02:00
xtensa hw/xtensa/xtfpga: treat uImage load address as virtual 2014-11-03 01:00:37 +03:00
Makefile.objs vfio: move hw/misc/vfio.c to hw/vfio/pci.c Move vfio.h into include/hw/vfio 2014-12-19 15:24:06 -07:00