qemu-e2k/hw/usb
Peter Maydell f8324611c1 hw/usb/hcd-xhci: Avoid variable-length array in xhci_get_port_bandwidth()
In xhci_get_port_bandwidth(), we use a variable-length array to
construct the buffer to send back to the guest. Avoid the VLA
by using dma_memory_set() to directly request the memory system
to fill the guest memory with a string of '80's.

The codebase has very few VLAs, and if we can get rid of them all we
can make the compiler error on new additions.  This is a defensive
measure against security bugs where an on-stack dynamic allocation
isn't correctly size-checked (e.g.  CVE-2021-3527).

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20230824164818.2652452-1-peter.maydell@linaro.org>
2023-08-31 19:47:43 +02:00
..
bus.c
canokey.c hw/usb/canokey: change license to GPLv2+ 2023-07-25 17:24:12 +01:00
canokey.h hw/usb/canokey: change license to GPLv2+ 2023-07-25 17:24:12 +01:00
ccid-card-emulated.c hw/usb: spelling fixes 2023-08-31 19:47:43 +02:00
ccid-card-passthru.c modules: introduces module_kconfig directive 2022-06-06 09:26:53 +02:00
ccid.h
chipidea.c
combined-packet.c
core.c
desc-msos.c
desc.c
desc.h
dev-audio.c
dev-hid.c
dev-hub.c hw/usb: fix tab indentation 2022-11-08 11:13:48 +01:00
dev-mtp.c hw/usb: dev-mtp: Use g_mkdir() 2022-10-31 20:37:58 +00:00
dev-network.c hw/usb: fix tab indentation 2022-11-08 11:13:48 +01:00
dev-serial.c
dev-smartcard-reader.c hw/usb/dev-smartcard-reader: Avoid forward-declaring CCIDBus 2023-02-27 22:29:02 +01:00
dev-storage-bot.c Don't include headers already included by qemu/osdep.h 2023-02-08 07:28:05 +01:00
dev-storage-classic.c Don't include headers already included by qemu/osdep.h 2023-02-08 07:28:05 +01:00
dev-storage.c usb/msd: add usb_msd_fatal_error() and fix guest-triggerable assert 2022-09-27 07:32:30 +02:00
dev-uas.c hw: replace most qemu_bh_new calls with qemu_bh_new_guarded 2023-04-28 11:31:54 +02:00
dev-wacom.c hw/usb: fix tab indentation 2022-11-08 11:13:48 +01:00
hcd-dwc2.c hw: replace most qemu_bh_new calls with qemu_bh_new_guarded 2023-04-28 11:31:54 +02:00
hcd-dwc2.h Clean up header guards that don't match their file name 2022-05-11 16:49:06 +02:00
hcd-dwc3.c
hcd-ehci-pci.c hw/usb/hcd-ehci-pci: Simplify using DEVICE_GET_CLASS() macro 2023-06-09 23:38:16 +03:00
hcd-ehci-sysbus.c
hcd-ehci.c hw/usb: spelling fixes 2023-08-31 19:47:43 +02:00
hcd-ehci.h include/hw/pci: Split pci_device.h off pci.h 2023-01-08 01:54:22 -05:00
hcd-musb.c hw/usb: fix tab indentation 2022-11-08 11:13:48 +01:00
hcd-ohci-pci.c include/hw/pci: Split pci_device.h off pci.h 2023-01-08 01:54:22 -05:00
hcd-ohci.c hw/usb: spelling fixes 2023-08-31 19:47:43 +02:00
hcd-ohci.h hw/usb/ohci: Use OHCIState type definition 2023-02-27 22:29:02 +01:00
hcd-uhci.c hw: replace most qemu_bh_new calls with qemu_bh_new_guarded 2023-04-28 11:31:54 +02:00
hcd-uhci.h hw/usb/uhci: Declare QOM macros using OBJECT_DECLARE_TYPE() 2023-02-27 22:29:02 +01:00
hcd-xhci-nec.c hw/usb/xhci-nec: Replace container_of() by NEC_XHCI() QOM cast macro 2023-02-27 22:29:02 +01:00
hcd-xhci-pci.c hw/usb/hcd-xhci: Reset the XHCIState with device_cold_reset() 2022-11-23 12:28:51 +01:00
hcd-xhci-pci.h include/hw/pci: Split pci_device.h off pci.h 2023-01-08 01:54:22 -05:00
hcd-xhci-sysbus.c hw/usb/hcd-xhci: Reset the XHCIState with device_cold_reset() 2022-11-23 12:28:51 +01:00
hcd-xhci-sysbus.h
hcd-xhci.c hw/usb/hcd-xhci: Avoid variable-length array in xhci_get_port_bandwidth() 2023-08-31 19:47:43 +02:00
hcd-xhci.h
host-libusb.c hw: replace most qemu_bh_new calls with qemu_bh_new_guarded 2023-04-28 11:31:54 +02:00
host.h
imx-usb-phy.c hw/usb/imx: Fix out of bounds access in imx_usbphy_read() 2023-03-21 13:19:07 +00:00
Kconfig kconfig: Add PCIe devices to s390x machines 2023-07-14 11:10:57 +02:00
libhw.c
meson.build meson: Replace softmmu_ss -> system_ss 2023-06-20 10:01:30 +02:00
pcap.c
quirks-ftdi-ids.h
quirks-pl2303-ids.h hw/usb: fix tab indentation 2022-11-08 11:13:48 +01:00
quirks.c
quirks.h hw/usb: spelling fixes 2023-08-31 19:47:43 +02:00
redirect.c hw/usb: spelling fixes 2023-08-31 19:47:43 +02:00
trace-events hw/usb: spelling fixes 2023-08-31 19:47:43 +02:00
trace.h
tusb6010.c
u2f-emulated.c
u2f-passthru.c
u2f.c
u2f.h hw/usb/u2f: Declare QOM macros using OBJECT_DECLARE_TYPE() 2023-02-27 22:29:02 +01:00
vt82c686-uhci-pci.c hw/usb/vt82c686-uhci-pci: Use PCI IRQ routing 2023-03-08 00:37:48 +01:00
xen-usb.c hw/usb: spelling fixes 2023-08-31 19:47:43 +02:00
xlnx-usb-subsystem.c
xlnx-versal-usb2-ctrl-regs.c