falso
/
qemu-irix
mirror of https://github.com/n64decomp/qemu-irix.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
qemu-irix/hw
History
Prasad J Pandit 80eb9b8c44 scsi: megasas: check 'read_queue_head' index value 
While doing MegaRAID SAS controller command frame lookup, routine
'megasas_lookup_frame' uses 'read_queue_head' value as an index
into 'frames[MEGASAS_MAX_FRAMES=2048]' array. Limit its value
within array bounds to avoid any OOB access.

Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Message-Id: <1464179110-18593-1-git-send-email-ppandit@redhat.com>
Reviewed-by: Alexander Graf <agraf@suse.de>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
(cherry picked from commit b60bdd1f1e)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
 		2016-08-09 14:30:08 -05:00
..
9pfs util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
acpi Revert "acpi: mark PMTIMER as unlocked" 2016-05-02 17:19:13 +01:00
alpha util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
arm hw/arm/virt: Reject gic-version=host for non-KVM 2016-08-09 14:28:21 -05:00
audio Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND 2016-03-22 22:20:17 +01:00
block Fix pflash migration 2016-04-15 17:27:34 +02:00
bt util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
char cadence_uart: bounds check write offset 2016-04-19 11:13:59 +01:00
core Sort the fw_cfg file list 2016-04-07 19:57:33 +03:00
cpu include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
cris util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
display vmsvga: don't process more than 1024 fifo commands at once 2016-08-05 13:37:49 -05:00
dma Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND 2016-03-22 22:20:17 +01:00
gpio hw/gpio: Add the emulation of gpio_key 2016-03-30 17:27:22 +01:00
i2c Fix some typos found by codespell 2016-08-05 16:14:47 -05:00
i386 pci-assign: Move "Invalid ROM" error message to pci-assign-load-rom.c 2016-08-05 14:29:49 -05:00
ide ahci: free irqs array 2016-08-09 14:25:31 -05:00
input virtio-input: support absolute axis config in pass-through 2016-04-13 17:26:12 +02:00
intc Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND 2016-03-22 22:20:17 +01:00
ipack include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
ipmi include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
isa hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
lm32 util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
m68k hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
mem include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
microblaze util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
mips hw/mips/cps: enable ITU for multithreading processors 2016-03-30 09:14:00 +01:00
misc cuda: fix off-by-one error in SET_TIME command 2016-04-19 11:39:23 +10:00
moxie hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
net net: mipsnet: check packet length against buffer 2016-08-09 14:28:45 -05:00
nvram Sort the fw_cfg file list 2016-04-07 19:57:33 +03:00
openrisc hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
pci pcie: fix link active status bit migration 2016-08-05 16:45:19 -05:00
pci-bridge hw/pci-bridge: Add missing unref in case register-bus fails 2016-04-07 19:57:33 +03:00
pci-host include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
pcmcia
ppc spapr_drc: fix aborts during DRC-count based hotplug 2016-04-26 11:16:08 +10:00
s390x s390x/ipl: fix reboots for migration from different bios 2016-08-05 15:26:37 -05:00
scsi scsi: megasas: check 'read_queue_head' index value 2016-08-09 14:30:08 -05:00
sd Replaced get_tick_per_sec() by NANOSECONDS_PER_SECOND 2016-03-22 22:20:17 +01:00
sh4 hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
smbios include/qemu/osdep.h: Don't include qapi/error.h 2016-03-22 22:20:15 +01:00
sparc util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
sparc64 util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
ssi
timer Fix some typos found by codespell 2016-08-05 16:14:47 -05:00
tpm tpm: Fix write to file descriptor function 2016-04-13 19:52:34 +03:00
tricore hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
unicore32 hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
usb usb/ohci: Fix crash with when specifying too many num-ports 2016-08-04 16:43:40 -05:00
vfio vfio/pci: Fix VGA quirks 2016-08-05 14:30:32 -05:00
virtio virtio: error out if guest exceeds virtqueue size 2016-08-05 16:56:53 -05:00
watchdog util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
xen util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
xenpv
xtensa hw: explicitly include qemu-common.h and cpu.h 2016-03-22 22:20:17 +01:00
Makefile.objs