OpenE2K/qemu-e2k
13
4
Fork 0
Code Issues 4 Pull Requests Projects 2 Releases Activity
35,863 Commits 9 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Denis V. Lunev da725d0b0e block/parallels: fix access to not initialized memory in catalog_bitmap 
found by valgrind.

Command: ./qemu-img convert -f parallels -O qcow2 1.hds 1.img
Invalid read of size 4
   at 0x17D0EF: parallels_co_read (parallels.c:357)
   by 0x11FEE4: bdrv_aio_rw_vector (block.c:4640)
   by 0x11FFBF: bdrv_aio_readv_em (block.c:4652)
   by 0x11F55F: bdrv_co_readv_em (block.c:4862)
   by 0x123428: bdrv_aligned_preadv (block.c:3056)
   by 0x1239FA: bdrv_co_do_preadv (block.c:3162)
   by 0x125424: bdrv_rw_co_entry (block.c:2706)
   by 0x155DD9: coroutine_trampoline (coroutine-ucontext.c:118)
   by 0x6975B6F: ??? (in /lib/x86_64-linux-gnu/libc-2.19.so)

The problem is that s->catalog_bitmap is allocated/filled as
gmalloc(s->catalog_size) thus index validity check must be
inclusive, i.e. index >= s->catalog_size is invalid.

Signed-off-by: Denis V. Lunev <den@openvz.org>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1412759610-2257-4-git-send-email-den@openvz.org
CC: Jeff Cody <jcody@redhat.com>
CC: Kevin Wolf <kwolf@redhat.com>
CC: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
2014-11-03 09:48:41 +00:00
audio
audio: Drop superfluous conditionals around g_free()
2014-06-13 12:34:54 +02:00
backends
pci, pc, virtio, misc bugfixes
2014-09-18 20:02:01 +01:00
block
block/parallels: fix access to not initialized memory in catalog_bitmap
2014-11-03 09:48:41 +00:00
bsd-user
bsd-user: Fix syscall format, add strace support for more syscalls
2014-06-11 00:25:06 +01:00
default-configs
PPC: Fix default config ordering and add eTSEC for ppc64
2014-09-08 12:50:54 +02:00
disas
disas/libvixl/a64/instructions-a64.h: Remove unused constants
2014-10-24 12:19:12 +01:00
docs
virtio-scsi fixes, the first part of dynamic sysbus devices,
2014-10-30 13:35:12 +00:00
dtc @ bc895d6d09
dtc: add submodule
2013-04-18 13:50:53 +02:00
fpu
softfloat: add functions corresponding to IEEE-2008 min/maxNumMag
2014-10-14 13:28:51 +01:00
fsdev
virtfs-proxy-helper: fix call to accept
2014-04-28 08:55:32 +04:00
gdb-xml
s390x/gdb: add the feature xml files for s390x
2014-09-01 09:45:19 +02:00
hw
ahci: Fix SDB FIS Construction
2014-11-03 09:48:41 +00:00
include
BlockLimits: introduce max_transfer_length
2014-11-03 09:48:41 +00:00
libcacard
libcacard: don't free sign buffer while sign op is pending
2014-10-28 11:38:18 +01:00
libdecnumber
libdecnumber: Fix warnings from smatch (missing static, boolean operations)
2014-08-24 13:21:06 +04:00
linux-headers
linux-headers: update to 3.17-rc7
2014-10-10 10:37:47 +02:00
linux-user
translate-all.c: memory walker initial address miscalculation
2014-10-06 21:53:35 +03:00
net
Net patches
2014-09-04 17:39:07 +01:00
pc-bios
linuxboot: compute initrd loading address
2014-10-09 15:36:15 +02:00
pixman @ 87eea99e44
pixman: update internal copy to pixman-0.32.6
2014-09-15 08:14:19 +02:00
po
po: fix conflict with %.mo rule in rules.mak
2014-09-26 13:35:08 +02:00
qapi
qapi: Add corrupt field to ImageInfoSpecificQCow2
2014-10-04 19:18:17 +01:00
qga
qga: Rewrite code where using readdir_r
2014-10-22 07:49:52 -05:00
qobject
json-lexer: fix escaped backslash in single-quoted string
2014-06-23 11:01:24 -04:00
qom
qom: Demote already-has-a-parent to a regular error
2014-10-23 16:41:25 +02:00
roms
Update OpenBIOS images
2014-09-25 13:34:03 +01:00
scripts
get_maintainer.pl: restrict cases where it falls back to --git
2014-10-23 16:41:27 +02:00
slirp
slirp: udp: fix NULL pointer dereference because of uninitialized socket
2014-09-23 19:15:05 +01:00
stubs
block: Code motion to get rid of stubs/blockdev.c
2014-10-20 13:41:26 +02:00
sysconfigs/target
Eliminate cpus-x86_64.conf file
2012-09-21 15:12:58 +02:00
target-alpha
target-alpha: Use cpu_exec_interrupt qom hook
2014-09-25 18:54:21 +01:00
target-arm
target-arm: A32: Emulate the SMC instruction
2014-10-24 12:19:15 +01:00
target-cris
gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flag
2014-10-06 14:25:43 +01:00
target-i386
target-i386: add Intel AVX-512 support
2014-10-24 18:03:14 +02:00
target-lm32
gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flag
2014-10-06 14:25:43 +01:00
target-m68k
target-m68k: Use cpu_exec_interrupt qom hook
2014-09-25 18:54:21 +01:00
target-microblaze
target-microblaze: Use cpu_exec_interrupt qom hook
2014-09-25 18:54:22 +01:00
target-mips
target-mips: add ULL suffix in bitswap to avoid compiler warning
2014-10-24 14:07:51 +01:00
target-moxie
softmmu: introduce cpu_ldst.h
2014-06-05 16:10:33 +02:00
target-openrisc
target-openrisc: Use cpu_exec_interrupt qom hook
2014-09-25 18:54:22 +01:00
target-ppc
qdev: Drop legacy_name from qdev properties
2014-10-15 05:03:15 +02:00
target-s390x
s390x/migration: migrate CPU state
2014-10-10 13:31:51 +02:00
target-sh4
target-sh4: Use cpu_exec_interrupt qom hook
2014-09-25 18:54:22 +01:00
target-sparc
target-sparc: Use cpu_exec_interrupt qom hook
2014-09-25 18:54:22 +01:00
target-tricore
target-tricore: Add instructions of BO opcode format
2014-10-20 12:25:07 +01:00
target-unicore32
target-unicore32: Use cpu_exec_interrupt qom hook
2014-09-25 18:54:22 +01:00
target-xtensa
gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flag
2014-10-06 14:25:43 +01:00
tcg
tcg/mips: fix store softmmu slow path
2014-11-02 13:30:00 +01:00
tests
iotests: add v2 parallels sample image and simple test for it
2014-11-03 09:48:41 +00:00
trace
trace: [hmp] Reimplement "trace-event" and "info trace-events" using QMP
2014-09-26 09:34:38 +01:00
ui
vnc: return directly if no vnc client connected
2014-10-30 18:21:25 +00:00
util
Four changes here. Polling for reconnection of character devices,
2014-10-09 15:09:05 +01:00
.exrc
qemu: add .exrc
2012-09-07 09:02:44 +03:00
.gitignore
trace: [tcg] Generate TCG tracing routines
2014-08-12 14:26:12 +01:00
.gitmodules
PPC: Add u-boot firmware for e500
2014-06-16 13:24:35 +02:00
.mailmap
Update mailmap
2013-09-05 09:40:31 -05:00
.travis.yml
.travis.yml: remove "make check" from main matrix
2014-09-26 21:05:06 +04:00
accel.c
accel: Create accel object when initializing machine
2014-10-09 15:36:14 +02:00
aio-posix.c
AioContext: introduce aio_prepare
2014-08-29 10:46:58 +01:00
aio-win32.c
aio-win32: avoid out-of-bounds access to the events array
2014-09-22 11:39:21 +01:00
arch_init.c
migration: catch unknown flag combinations in ram_load
2014-10-14 11:24:20 +02:00
async.c
async: aio_context_new(): Handle event_notifier_init failure
2014-09-22 11:39:48 +01:00
balloon.c
qapi event: convert BALLOON_CHANGE
2014-06-23 11:12:28 -04:00
block-migration.c
block: Rename BlockDriverAIOCB* to BlockAIOCB*
2014-10-20 13:41:27 +02:00
block.c
block: avoid creating oversized writes in multiwrite_merge
2014-11-03 09:48:41 +00:00
blockdev-nbd.c
block: Use g_new() & friends where that makes obvious sense
2014-08-20 11:51:28 +02:00
blockdev.c
block: Lift device model API into BlockBackend
2014-10-20 14:03:50 +02:00
blockjob.c
block: Rename BlockDriverCompletionFunc to BlockCompletionFunc
2014-10-20 13:41:27 +02:00
bootdevice.c
bootindex: change fprintf to error_report
2014-10-15 10:46:01 +02:00
bt-host.c
sysemu: avoid proliferation of include/ subdirectories
2013-04-15 18:19:25 +02:00
bt-vhci.c
sysemu: avoid proliferation of include/ subdirectories
2013-04-15 18:19:25 +02:00
Changelog
Use qemu-project.org domain name
2013-10-11 09:34:56 -07:00
CODING_STYLE
CODING_STYLE: Section about conditional statement
2014-08-15 18:54:06 +04:00
configure
configure: Prepend pixman and ftd flags to overrule system-provided ones
2014-10-15 12:20:27 +02:00
COPYING
COPYING.LIB
coroutine-gthread.c
glib-compat.h: add new thread API emulation on top of pre-2.31 API
2014-06-10 07:44:01 +02:00
coroutine-sigaltstack.c
Merge remote-tracking branch 'kwolf/for-anthony' into staging
2013-02-26 07:44:39 -06:00
coroutine-ucontext.c
Fix warnings suppressors to honor --disable-werror
2013-04-17 10:28:04 -05:00
coroutine-win32.c
coroutine-win32.c: Add noinline attribute to work around gcc bug
2014-06-26 14:08:14 +01:00
cpu-exec.c
cpu-exec: Do CPU_INTERRUPT_HALT unconditionally
2014-09-25 18:54:22 +01:00
cpus.c
Introduce cpu_clean_all_dirty
2014-09-16 11:04:09 +02:00
cputlb.c
implementing victim TLB for QEMU system emulated TLB
2014-09-01 17:43:06 +01:00
device_tree.c
device_tree.c: dump all err mesages with error_report
2014-09-02 22:38:16 +04:00
device-hotplug.c
blockdev: Eliminate drive_del()
2014-10-20 13:41:26 +02:00
disas.c
monitor: QEMU Monitor Instruction Disassembly Incorrect for PowerPC LE Mode
2014-06-16 13:24:26 +02:00
dma-helpers.c
hw: Convert from BlockDriverState to BlockBackend, mostly
2014-10-20 14:02:25 +02:00
dump.c
dump: Turn some functions to void to make code cleaner
2014-10-23 09:01:29 -04:00
exec.c
exec.c: fix setting 1-byte-long watchpoints
2014-09-19 17:42:16 +01:00
gdbstub.c
gdbstub: Allow target CPUs to specify watchpoint STOP_BEFORE_ACCESS flag
2014-10-06 14:25:43 +01:00
HACKING
HACKING: Document vaddr type usage
2013-07-23 02:41:31 +02:00
hmp-commands.hx
hmp: Remove "info pcmcia"
2014-10-24 12:19:11 +01:00
hmp.c
Add HMP command "info memory-devices"
2014-09-26 13:37:06 -04:00
hmp.h
Add HMP command "info memory-devices"
2014-09-26 13:37:06 -04:00
iohandler.c
iohandler.c: Properly initialize sigaction struct
2014-05-24 00:07:29 +04:00
ioport.c
memory: convert memory_region_destroy to object_unparent
2014-08-18 12:06:20 +02:00
iothread.c
async: aio_context_new(): Handle event_notifier_init failure
2014-09-22 11:39:48 +01:00
kvm-all.c
kvm fix compilation with GCC 4.3.4
2014-10-10 14:07:08 +01:00
kvm-stub.c
accel: Move KVM accel registration to kvm-all.c
2014-10-04 08:59:15 +02:00
LICENSE
LICENSE: clarify
2013-08-12 09:15:12 -05:00
main-loop.c
Revert "main-loop.c: Handle SIGINT, SIGHUP and SIGTERM synchronously"
2014-10-27 15:05:09 +00:00
MAINTAINERS
virtio-scsi fixes, the first part of dynamic sysbus devices,
2014-10-30 13:35:12 +00:00
Makefile
trace: install trace-events file
2014-09-26 09:34:39 +01:00
Makefile.objs
qemu-file: Move stdio implementation to qemu-file-stdio.c
2014-10-14 10:29:28 +02:00
Makefile.target
bootdevice: move bootdevice related code to new file bootdevice.c
2014-10-15 09:49:48 +02:00
memory_mapping.c
cpu: Use QTAILQ for CPU list
2013-09-03 12:25:55 +02:00
memory.c
memory: add parameter errp to memory_region_init_rom_device
2014-09-09 13:41:44 +02:00
migration-exec.c
aio / timers: Untangle include files
2013-08-22 19:10:27 +02:00
migration-fd.c
aio / timers: Untangle include files
2013-08-22 19:10:27 +02:00
migration-rdma.c
rdma: Fix incorrect description in comments
2014-09-20 17:55:53 +04:00
migration-tcp.c
qemu-sockets: Add error to non-blocking connect handler
2014-10-09 15:36:15 +02:00
migration-unix.c
qemu-sockets: Add error to non-blocking connect handler
2014-10-09 15:36:15 +02:00
migration.c
block/migration: Disable cache invalidate for incoming migration
2014-10-14 09:35:21 +02:00
module-common.c
module: implement module loading
2014-02-20 13:14:18 +01:00
monitor.c
hmp: Remove "info pcmcia"
2014-10-24 12:19:11 +01:00
nbd.c
block/migration: Disable cache invalidate for incoming migration
2014-10-14 09:35:21 +02:00
numa.c
memory: add parameter errp to memory_region_init_ram
2014-09-09 13:41:43 +02:00
os-posix.c
os-posix: report error message when lock file failed
2014-09-26 21:21:09 +04:00
os-win32.c
util: Split out exec_dir from os_find_datadir
2014-02-20 13:12:54 +01:00
page_cache.c
migration: Plug memory leak in migrate-set-cache-size command
2014-06-10 19:54:43 +04:00
qapi-schema.json
qmp: Print descriptions of object properties
2014-10-15 05:03:15 +02:00
qdev-monitor.c
qmp: Print descriptions of object properties
2014-10-15 05:03:15 +02:00
qdict-test-data.txt
qemu-bridge-helper.c
qemu-bridge-helper: Fix fd leak in main()
2014-06-27 10:39:10 +02:00
qemu-char.c
qemu-char: Fix reconnect socket error reporting
2014-10-09 15:36:15 +02:00
qemu-coroutine-io.c
qemu-coroutine-io: fix for Win32
2014-08-29 10:46:58 +01:00
qemu-coroutine-lock.c
coroutine: remove qemu_co_queue_wait_insert_head
2013-12-02 17:11:49 +01:00
qemu-coroutine-sleep.c
coroutine: Drop co_sleep_ns
2014-08-29 10:46:58 +01:00
qemu-coroutine.c
coroutine: make pool size dynamic
2014-08-15 15:07:14 +02:00
qemu-doc.texi
block: delete cow block driver
2014-09-22 11:39:45 +01:00
qemu-file-stdio.c
qemu-file: Move stdio implementation to qemu-file-stdio.c
2014-10-14 10:29:28 +02:00
qemu-file-unix.c
qemu-file: Move unix and socket implementations to qemu-file-unix.c
2014-10-14 10:29:28 +02:00
qemu-file.c
qemu-file: Move stdio implementation to qemu-file-stdio.c
2014-10-14 10:29:28 +02:00
qemu-img-cmds.hx
qemu-img: Allow cache mode specification for amend
2014-08-22 14:54:48 +02:00
qemu-img.c
qemu-img: Print error if check failed
2014-10-23 19:42:07 +02:00
qemu-img.texi
block: delete cow block driver
2014-09-22 11:39:45 +01:00
qemu-io-cmds.c
qemu-io: Respect early image end for map
2014-10-23 15:34:02 +02:00
qemu-io.c
block: Make BlockBackend own its BlockDriverState
2014-10-20 13:41:26 +02:00
qemu-log.c
qemu-log: default to stderr for logging output
2013-02-26 13:31:47 -06:00
qemu-nbd.c
block: Make BlockBackend own its BlockDriverState
2014-10-20 13:41:26 +02:00
qemu-nbd.texi
nbd: Miscellaneous typo fixes.
2014-05-24 00:07:29 +04:00
qemu-options-wrapper.h
qemu-options.h
qemu-options.hx
aio / timers: De-document -clock
2014-10-27 16:11:45 +01:00
qemu-seccomp.c
seccomp: add semctl() to the syscall whitelist
2014-08-21 10:29:16 +02:00
qemu-tech.texi
qemu-tech.texi: update implemented xtensa features list
2012-11-29 13:00:52 -06:00
qemu-timer.c
vl.c: remove init_clocks call from main
2014-05-09 20:57:32 +02:00
qemu.nsi
nsis: Improved support for parallel installation of 32 and 64 bit code
2013-11-07 07:02:44 +01:00
qemu.sasl
sasl: Avoid 'Could not find keytab file' in syslog
2014-03-15 13:54:18 +04:00
qmp-commands.hx
add input-send-event command
2014-10-02 09:58:14 +02:00
qmp.c
qmp: Print descriptions of object properties
2014-10-15 05:03:15 +02:00
qtest.c
qtest: fix qtest log fd should be initialized before qtest chardev
2014-10-23 16:41:27 +02:00
README
Use qemu-project.org domain name
2013-10-11 09:34:56 -07:00
rules.mak
Fix cross compilation (nm command)
2014-09-19 17:20:11 +01:00
savevm.c
snapshot: Reset err to NULL to avoid double free
2014-11-03 09:48:41 +00:00
softmmu_template.h
implementing victim TLB for QEMU system emulated TLB
2014-09-01 17:43:06 +01:00
spice-qemu-char.c
qemu-char: Rename register_char_driver_qapi() to register_char_driver()
2014-09-16 23:36:32 +01:00
tcg-runtime.c
tcg: Push tcg-runtime routines into exec/helper-*
2014-05-28 09:33:54 -07:00
tci.c
Merge remote-tracking branch 'remotes/bonzini/softmmu-smap' into staging
2014-06-05 21:06:14 +01:00
thread-pool.c
block: Rename BlockDriverCompletionFunc to BlockCompletionFunc
2014-10-20 13:41:27 +02:00
thunk.c
exec: move include files to include/exec/
2012-12-19 08:31:31 +01:00
tpm.c
Use error_is_set() only when necessary
2014-02-17 11:57:23 -05:00
trace-events
hw: Convert from BlockDriverState to BlockBackend, mostly
2014-10-20 14:02:25 +02:00
translate-all.c
translate-all.c: memory walker initial address miscalculation
2014-10-06 21:53:35 +03:00
translate-all.h
translate-all: Change tb_check_watchpoint() argument to CPUState
2014-03-13 19:20:48 +01:00
user-exec.c
softmmu: introduce cpu_ldst.h
2014-06-05 16:10:33 +02:00
VERSION
Open 2.2 development tree
2014-08-01 18:30:08 +01:00
version.rc
Use qemu-project.org domain name
2013-10-11 09:34:56 -07:00
vl.c
Make qemu_shutdown_requested signal-safe
2014-10-27 14:09:27 +00:00
vmstate.c
vmstate: Allow dynamic allocation for VBUFFER during migration
2014-10-14 09:35:48 +02:00
xbzrle.c
xbzrle.c: Avoid undefined behaviour with signed arithmetic
2014-04-18 10:33:36 +04:00
xen-common-stub.c
accel: Move Xen registration code to xen-common.c
2014-10-04 08:59:15 +02:00
xen-common.c
accel: Pass MachineState object to accel init functions
2014-10-09 12:57:10 +02:00
xen-hvm-stub.c
xen-hvm: Fix xen_hvm_init() to adjust pc memory layout
2014-06-23 17:50:04 +03:00
xen-hvm.c
xen-hvm.c: Add support for Xen access to vmport
2014-10-30 14:16:38 +00:00
xen-mapcache.c
xen: build on ARM
2014-07-07 10:37:40 +00:00

README 

Read the documentation in qemu-doc.html or on http://wiki.qemu-project.org

- QEMU team
Description
QEMU With E2K User Support
Readme 459 MiB
Languages
C 83.1%
C++ 6.3%
Python 3.2%
Dylan 2.8%
Shell 1.6%
Other 2.8%