falso
/
qemu-irix
mirror of https://github.com/n64decomp/qemu-irix.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
qemu-irix/hw/scsi
History
Prasad J Pandit 926cde5f3e scsi: esp: make cmdbuf big enough for maximum CDB size 
While doing DMA read into ESP command buffer 's->cmdbuf', it could
write past the 's->cmdbuf' area, if it was transferring more than 16
bytes.  Increase the command buffer size to 32, which is maximum when
's->do_cmd' is set, and add a check on 'len' to avoid OOB access.

Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
 		2016-06-16 18:39:05 +02:00
..
Makefile.objs
esp-pci.c
esp.c scsi: esp: make cmdbuf big enough for maximum CDB size 2016-06-16 18:39:05 +02:00
lsi53c895a.c
megasas.c scsi: megasas: null terminate bios version buffer 2016-06-07 14:09:05 +02:00
mfi.h
mpi.h
mptconfig.c
mptendian.c
mptsas.c
mptsas.h
scsi-bus.c
scsi-disk.c scsi-disk: Use (unsigned long) typecasts when using "%lu" format string 2016-06-16 18:39:04 +02:00
scsi-generic.c scsi-generic: Merge block max xfer len in INQUIRY response 2016-05-29 09:11:12 +02:00
spapr_vscsi.c
srp.h
vhost-scsi.c
viosrp.h
virtio-scsi-dataplane.c
virtio-scsi.c virtio: drop duplicate virtio_queue_get_id() function 2016-06-07 14:40:51 +01:00
vmw_pvscsi.c
vmw_pvscsi.h