unicorn/qemu
liujunjie ea6ea4313d
qstring: Fix qstring_from_substr() not to provoke int overflow
qstring_from_substr() parameters @start and @end are of type int.
blkdebug_parse_filename(), blkverify_parse_filename(), nbd_parse_uri(),
and qstring_from_str() pass @end values of type size_t or ptrdiff_t.
Values exceeding INT_MAX get truncated, with possibly disastrous
results.

Such huge substrings seem unlikely, but we found one in a core dump,
where "info tlb" executed via QMP's human-monitor-command apparently
produced 35 GiB of output.

Fix by changing the parameters to size_t.

Backports commit ad63c549ecd4af4a22a675a815edeb06b0e7bb6e from qemu
2018-08-02 21:21:51 -04:00
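A minimal model of the truncation the commit message describes, written as an added example in C; it is not code from QEMU or unicorn. All function names are hypothetical, and the convention that @end is the inclusive index of the last byte (so the length is end - start + 1) is assumed. The buggy shape keeps int parameters, the fixed shape uses size_t and adds the range check the wider type still needs:

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Added example, not QEMU or unicorn code.  It models the shape of the bug
 * in the commit message: a substring API whose @start/@end are int while
 * its callers hold size_t or ptrdiff_t offsets.  Function names are
 * hypothetical; @end as the inclusive index of the last byte is assumed.
 */

/* Buggy shape: int parameters.  Returns the length the API would compute. */
static long long substr_len_int(int start, int end)
{
    return (long long)end - start + 1;
}

/*
 * What a caller holding a size_t offset actually hands to the int API.
 * Converting a value above INT_MAX to int is implementation-defined; on the
 * usual two's-complement targets it wraps modulo 2^32, so a 35 GiB offset
 * becomes a negative @end and the computed length goes negative with it.
 */
static long long len_via_int_api(size_t start, size_t end)
{
    return substr_len_int((int)start, (int)end);
}

/* Fixed shape: size_t parameters plus an explicit range check.
 * Returns 0 for an invalid range (a valid inclusive range has length >= 1). */
static size_t substr_len_size(size_t start, size_t end)
{
    if (end < start || end == SIZE_MAX) {   /* end + 1 must not wrap */
        return 0;
    }
    return end - start + 1;
}

/* Copies str[start..end] into a fresh NUL-terminated buffer through the
 * size_t interface; NULL if the range is invalid or runs past the string.
 * The caller frees the result. */
static char *substr_copy(const char *str, size_t start, size_t end)
{
    size_t len = substr_len_size(start, end);
    if (len == 0 || end >= strlen(str)) {
        return NULL;
    }
    char *out = malloc(len + 1);
    if (out == NULL) {
        return NULL;
    }
    memcpy(out, str + start, len);
    out[len] = '\0';
    return out;
}

/* true when passing @end through an int parameter keeps its value. */
static bool end_survives_int(size_t end)
{
    return end <= (size_t)INT_MAX && (size_t)(int)end == end;
}

int main(void)
{
    /* Constructed input: the offset of the last byte of a 35 GiB buffer,
     * the size of the "info tlb" output mentioned in the commit message. */
    const size_t huge_end = (35ULL << 30) - 1;

    printf("end=%zu survives int: %s\n", huge_end,
           end_survives_int(huge_end) ? "yes" : "no");
    printf("length via int API: %lld (expected %zu)\n",
           len_via_int_api(0, huge_end), huge_end + 1);
    printf("length via size_t API: %zu\n", substr_len_size(0, huge_end));

    char *s = substr_copy("info tlb", 5, 7);
    printf("substr_copy(\"info tlb\", 5, 7) = \"%s\"\n", s ? s : "(null)");
    free(s);
    return 0;
}
```

Widening the parameters removes the truncation, but it also removes the negative-length assertion that a signed type made possible; the explicit end < start and end == SIZE_MAX checks in substr_len_size stand in for it, since an unsigned subtraction would otherwise wrap to a huge length instead of failing.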
accel accel/tcg: Correct "is this a TLB miss" check in get_page_addr_code() 2018-07-03 19:23:25 -04:00
crypto
default-configs
docs
fpu fpu/softfloat: Define floatN_silence_nan in terms of parts_silence_nan 2018-05-20 00:13:42 -04:00
hw
include qstring: Fix qstring_from_substr() not to provoke int overflow 2018-08-02 21:21:51 -04:00
qapi qobject: Modify qobject_ref() to return obj 2018-05-04 10:24:10 -04:00
qobject qstring: Fix qstring_from_substr() not to provoke int overflow 2018-08-02 21:21:51 -04:00
qom qobject: Replace qobject_incref/QINCREF qobject_decref/QDECREF 2018-05-04 10:16:07 -04:00
scripts Revert "Makefile: Rename TARGET_DIRS to TARGET_LIST" 2018-07-05 17:40:24 -04:00
target i386: Rename enum CacheType members 2018-07-24 21:34:10 -04:00
tcg tcg/i386: Mark xmm registers call-clobbered 2018-07-23 20:00:26 -04:00
util i386: Fix up the Node id for CPUID_8000_001E 2018-07-03 00:31:38 -04:00
aarch64.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
aarch64eb.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
accel.c
arm.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
armeb.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
CODING_STYLE
configure Revert "Makefile: Rename TARGET_DIRS to TARGET_LIST" 2018-07-05 17:40:24 -04:00
COPYING
COPYING.LIB
cpus.c
exec.c exec: Fix MAP_RAM for cached access 2018-07-03 01:11:12 -04:00
gen_all_header.sh
glib_compat.c
HACKING HACKING: document preference for g_new instead of g_malloc 2018-05-22 00:30:50 -04:00
header_gen.py target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
ioport.c
LICENSE
m68k.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
Makefile Revert "Makefile: Rename TARGET_DIRS to TARGET_LIST" 2018-07-05 17:40:24 -04:00
Makefile.objs
Makefile.target tcg: remove softfloat from --disable-tcg builds 2018-06-07 11:49:35 -04:00
memory_ldst.inc.c exec: Fix MAP_RAM for cached access 2018-07-03 01:11:12 -04:00
memory_mapping.c
memory.c
mips64.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
mips64el.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
mips.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
mipsel.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
powerpc.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
qemu-timer.c
rules.mak
sparc64.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
sparc.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00
unicorn_common.h
VERSION Update version for v3.0.0-rc2 release 2018-07-24 21:36:01 -04:00
vl.c
vl.h
x86_64.h target/arm: Implement SVE dot product (indexed) 2018-07-03 04:42:41 -04:00