qemu/net at stable-3.0 - qemu - Gitea: Git with a cup of tea

mii/qemu

mirror of https://github.com/mii443/qemu.git synced 2025-08-22 23:25:48 +00:00

Files

History

Jason Wang 9d9430b75f pcnet: fix possible buffer overflow

In pcnet_receive(), we try to assign size_ to size which converts from
size_t to integer. This will cause troubles when size_ is greater
INT_MAX, this will lead a negative value in size and it can then pass
the check of size < MIN_BUF_SIZE which may lead out of bound access
for both buf and buf1.

Fixing by converting the type of size to size_t.

CC: qemu-stable@nongnu.org
Reported-by: Daniel Shapira <daniel@twistlock.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
(cherry picked from commit b1d80d12c5)
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>

2019-03-27 00:53:30 -05:00

..

hw/net/can: Fix segfaults when using the devices without bus

2018-03-26 14:37:13 +02:00

etsec: fix IRQ (un)masking

2018-07-16 11:18:09 +10:00

compiler: add a sizeof_field() macro

2018-06-27 13:01:40 +01:00

allwinner_emac.c

qapi: Change Netdev into a flat union

2016-07-19 20:18:02 +02:00

cadence_gem.c

maint: Fix macros with broken 'do/while(0); ' usage

2018-01-16 14:54:52 +01:00

dp8393x.c

hw/net/dp8393x: don't make prom region 'nomigrate'

2018-07-09 14:51:35 +01:00

e1000_regs.h

e1000: Rename the SEC symbol to SEQEC

2017-09-08 08:17:37 +08:00

e1000.c

e1000: Choose which set of props to migrate

2018-04-10 11:30:03 +08:00

e1000e_core.c

e1000e: Prevent MSI/MSI-X storms

2018-07-20 08:30:48 +08:00

e1000e_core.h

e1000e: Prevent MSI/MSI-X storms

2018-07-20 08:30:48 +08:00

e1000e.c

hw/net: Use the IEC binary prefix definitions

2018-07-02 15:41:16 +02:00

e1000x_common.c

hw/net: Use the IEC binary prefix definitions

2018-07-02 15:41:16 +02:00

e1000x_common.h

e1000, e1000e: Move per-packet TX offload flags out of context state

2017-12-22 09:53:23 +08:00

eepro100.c

hw/net: Use the IEC binary prefix definitions

2018-07-02 15:41:16 +02:00

etraxfs_eth.c

hw/net/etraxfs_eth: Convert printf() calls to trace events

2018-06-29 15:04:18 +01:00

ftgmac100.c

ftgmac100: remove check on runt messages

2018-06-08 13:15:32 +01:00

imx_fec.c

fsl-imx6: Swap Ethernet interrupt defines

2018-03-19 18:23:24 +00:00

lan9118.c

lan9118: use inline net_crc32() and bitshift instead of compute_mcast_idx()

2017-12-22 10:01:27 +08:00

lance.c

hw/net: Remove unnecessary header includes

2018-03-05 10:30:16 +08:00

Makefile.objs

hw: make virtio devices configurable via default-configs/

2018-06-01 15:14:31 +02:00

mcf_fec.c

hw: Do not include "exec/address-spaces.h" if it is not necessary

2018-06-01 14:15:10 +02:00

milkymist-minimac2.c

memory: Rename memory_region_init_ram() to memory_region_init_ram_nomigrate()

2017-07-14 17:59:42 +01:00

mipsnet.c

qapi: Change Netdev into a flat union

2016-07-19 20:18:02 +02:00

ne2000-isa.c

hw: Do not include "exec/address-spaces.h" if it is not necessary

2018-06-01 14:15:10 +02:00

ne2000.c

ne2000: fix possible out of bound access in ne2000_receive

2019-03-27 00:53:12 -05:00

ne2000.h

hw/net: Use the IEC binary prefix definitions

2018-07-02 15:41:16 +02:00

net_rx_pkt.c

net: Transmit zero UDP checksum as 0xFFFF

2017-11-20 11:08:00 +08:00

net_rx_pkt.h

net_pkt: Extend packet abstraction as required by e1000e functionality

2016-06-02 10:42:28 +08:00

net_tx_pkt.c

net: fix misaligned member access

2018-03-02 18:44:00 +00:00

net_tx_pkt.h

clean-includes: run it once more

2016-06-16 18:39:03 +02:00

opencores_eth.c

opencores_eth: use inline net_crc32() and bitshift instead of compute_mcast_idx()

2017-12-22 10:01:27 +08:00

pcnet-pci.c

hw/net: Remove unnecessary header includes

2018-03-05 10:30:16 +08:00

pcnet.c

pcnet: fix possible buffer overflow

2019-03-27 00:53:30 -05:00

pcnet.h

Clean up decorations and whitespace around header guards

2016-07-12 16:20:46 +02:00

rtl8139.c

rtl8139: fix possible out of bound access

2019-03-27 00:53:20 -05:00

smc91c111.c

hw/net/smc91c111: Use qemu_log_mask(UNIMP) instead of fprintf

2018-06-26 17:50:41 +01:00

spapr_llan.c

hw/net/spapr_llan: 6 byte mac address device tree entry

2017-02-22 14:28:53 +11:00

stellaris_enet.c

hw/net/stellaris_enet: Use qemu_log_mask(GUEST_ERROR) instead of hw_error

2018-06-26 17:50:41 +01:00

sungem.c

sungem: fix multicast filter CRC calculation

2017-12-22 10:00:47 +08:00

sunhme.c

sunhme: switch sunhme over to use net_crc32_le()

2017-12-22 10:00:47 +08:00

trace-events

hw/net/etraxfs_eth: Convert printf() calls to trace events

2018-06-29 15:04:18 +01:00

vhost_net.c

spec/vhost-user spec: Add IOMMU support

2017-06-02 18:57:17 +03:00

virtio-net.c

compiler: add a sizeof_field() macro

2018-06-27 13:01:40 +01:00

vmware_utils.h

hw/net/vmxnet3: Fix code to work on big endian hosts, too

2017-11-20 11:08:00 +08:00

vmxnet3.c

qdev: use device_class_set_parent_realize/unrealize/reset()

2018-02-05 13:54:38 +01:00

vmxnet3.h

hw/net/vmxnet3: Fix code to work on big endian hosts, too

2017-11-20 11:08:00 +08:00

vmxnet_debug.h

Clean up ill-advised or unusual header guards

2016-07-12 16:20:46 +02:00

xen_nic.c

xen: remove other open-coded use of libxengnttab

2018-05-22 11:43:21 -07:00

xgmac.c

hw/net: Remove unnecessary header includes

2018-03-05 10:30:16 +08:00

xilinx_axienet.c

object: fix OBJ_PROP_LINK_UNREF_ON_RELEASE ambivalence

2018-06-12 12:07:30 +02:00

xilinx_ethlite.c

hw/net: Fix a heap overflow in xlnx.xps-ethernetlite

2016-08-09 15:27:18 +08:00