mirror of
https://github.com/Motorhead1991/qemu.git
synced 2025-12-11 16:00:50 -07:00
9b6083465f
When setting the parameters of a PCM stream, we compute the bit flag with the format and rate values as shift operand to check if they are set in supported_formats and supported_rates. If the guest provides a format/rate value which when shifting 1 results in a value bigger than the number of bits in supported_formats/supported_rates, we must report an error. Previously, this ended up triggering the not reached assertions later when converting to internal QEMU values. Reported-by: Zheyu Ma <zheyuma97@gmail.com> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2416 Signed-off-by: Manos Pitsidianakis <manos.pitsidianakis@linaro.org> Message-Id: <virtio-snd-fuzz-2416-fix-v1-manos.pitsidianakis@linaro.org> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Reviewed-by: Michael S. Tsirkin <mst@redhat.com> Signed-off-by: Michael S. Tsirkin <mst@redhat.com> |
||
|---|---|---|
| .. | ||
| ac97.c | ||
| ac97.h | ||
| adlib.c | ||
| asc.c | ||
| cs4231.c | ||
| cs4231a.c | ||
| es1370.c | ||
| fmopl.c | ||
| fmopl.h | ||
| gus.c | ||
| gusemu.h | ||
| gusemu_hal.c | ||
| gusemu_mixer.c | ||
| gustate.h | ||
| hda-codec-common.h | ||
| hda-codec.c | ||
| intel-hda-defs.h | ||
| intel-hda.c | ||
| intel-hda.h | ||
| Kconfig | ||
| lm4549.c | ||
| lm4549.h | ||
| marvell_88w8618.c | ||
| meson.build | ||
| pcspk.c | ||
| pl041.c | ||
| pl041.h | ||
| pl041.hx | ||
| sb16.c | ||
| soundhw.c | ||
| trace-events | ||
| trace.h | ||
| via-ac97.c | ||
| virtio-snd-pci.c | ||
| virtio-snd.c | ||
| wm8750.c | ||