mii/qemu
1
0
Fork 0
mirror of https://github.com/mii443/qemu.git synced 2025-09-03 23:59:38 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
72694a69c98723f51a0b4ab8113ab0362029c753
qemu/include/hw/cxl
History
Dmitry Frolov f59caeca76 hw/cxl: Fix out of bound array access 
According to cxl_interleave_ways_enc(), fw->num_targets is allowed to be up
to 16. This also corresponds to CXL r3.0 spec. So, the fw->target_hbs[]
array is iterated from 0 to 15. But it is statically declared of length 8.
Thus, out of bound array access may occur.

Fixes: c28db9e000 ("hw/pci-bridge: Make PCIe and CXL PXB Devices inherit from TYPE_PXB_DEV")
Signed-off-by: Dmitry Frolov <frolov@swemel.ru>
Reviewed-by: Michael Tokarev <mjt@tls.msk.ru>
Link: https://lore.kernel.org/r/20230913101055.754709-1-frolov@swemel.ru
Cc: qemu-stable@nongnu.org
Signed-off-by: Jonathan Cameron <Jonathan.Cameron@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
(cherry picked from commit de5bbfc602)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
2023-10-03 02:00:54 +03:00
..
cxl_cdat.h
include/hw/pci: Break inclusion loop pci_bridge.h and cxl.h
2023-01-08 01:54:22 -05:00
cxl_component.h
hw/pxb-cxl: Support passthrough HDM Decoders unless overridden
2023-03-07 19:51:07 -05:00
cxl_device.h
hw/cxl/events: Add event interrupt support
2023-06-22 18:55:14 -04:00
cxl_events.h
hw/cxl/events: Add injection of Memory Module Events
2023-06-23 02:54:40 -04:00
cxl_host.h
hw/cxl: Clean up includes
2023-02-08 07:16:23 +01:00
cxl_pci.h
hw/cxl: Clean up includes
2023-02-08 07:16:23 +01:00
cxl.h
hw/cxl: Fix out of bound array access
2023-10-03 02:00:54 +03:00