fridtjof/qemu-cr16
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
qemu-cr16/include
History
Dmitry Frolov de5bbfc602 hw/cxl: Fix out of bound array access 
According to cxl_interleave_ways_enc(), fw->num_targets is allowed to be up
to 16. This also corresponds to CXL r3.0 spec. So, the fw->target_hbs[]
array is iterated from 0 to 15. But it is statically declared of length 8.
Thus, out of bound array access may occur.

Fixes: c28db9e000 ("hw/pci-bridge: Make PCIe and CXL PXB Devices inherit from TYPE_PXB_DEV")
Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Link: https://lore.kernel.org/r/20230913101055.754709-1-frolov@swemel.ru
Cc: qemu-stable@nongnu.org
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2023-09-21 11:31:18 +03:00
..
authz
block Block layer patches 2023-09-11 09:11:22 -04:00
chardev include/: spelling fixes 2023-09-08 13:08:52 +03:00
crypto crypto: Add generic 64-bit carry-less multiply routine 2023-09-15 13:57:00 +00:00
disas disas: Change type of disassemble_info.target_info to pointer 2023-06-13 17:25:47 +10:00
exec Hi, 2023-09-19 13:22:19 -04:00
fpu fpu: Add conversions between bfloat16 and [u]int8 2023-09-16 14:57:15 +00:00
gdbstub gdbstub: Remove gdb_do_syscallv 2023-03-07 20:44:09 +00:00
hw hw/cxl: Fix out of bound array access 2023-09-21 11:31:18 +03:00
io io: follow coroutine AioContext in qio_channel_yield() 2023-09-07 20:32:11 -05:00
libdecnumber
migration vfio queue: 2023-09-11 09:13:08 -04:00
monitor monitor: add more *_locked() functions 2023-05-25 10:18:33 +02:00
net tap: Add check for USO features 2023-09-18 14:36:13 +08:00
qapi monitor: mark mixed functions that can suspend 2023-04-20 11:17:35 +02:00
qemu *: Delete checks for old host definitions 2023-09-19 13:20:54 -04:00
qom
scsi hw/ufs: Support for UFS logical unit 2023-09-07 14:01:29 -04:00
semihosting
standard-headers linux-headers: Update to Linux v6.6-rc1 2023-09-12 11:34:56 +02:00
sysemu vfio queue: 2023-09-11 09:13:08 -04:00
tcg tcg: Add gvec compare with immediate and scalar operand 2023-09-16 14:57:15 +00:00
ui ui: add precondition for dpy_get_ui_info() 2023-09-12 11:14:09 +04:00
user bulk: Do not declare function prototypes using 'extern' keyword 2023-08-31 19:47:43 +02:00
elf.h util: spelling fixes 2023-08-31 19:47:43 +02:00
glib-compat.h
qemu-io.h
qemu-main.h