motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2026-03-01 15:44:38 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions
qemu/hw
History
Peter Maydell 937df81af6 hw/net/smc91c111: Ignore attempt to pop from empty RX fifo 
The SMC91C111 includes an MMU Command register which permits
the guest to remove entries from the RX FIFO. The datasheet
does not specify what happens if the guest tries to do this
when the FIFO is already empty; there are no status registers
containing error bits which might be applicable.

Currently we don't guard at all against pop of an empty
RX FIFO, with the result that we allow the guest to drive
the rx_fifo_len index to negative values, which will cause
smc91c111_receive() to write to the rx_fifo[] array out of
bounds when we receive the next packet.

Instead ignore attempts to pop an empty RX FIFO.

Cc: qemu-stable@nongnu.org
Fixes: 80337b66a8 ("NIC emulation for qemu arm-softmmu")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2780
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Message-ID: <20250207151157.3151776-1-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-02-16 14:25:08 +01:00
..
9pfs 9pfs: improve v9fs_open() tracing 2025-02-06 17:10:46 +01:00
acpi hw/acpi: Add vmclock device 2025-01-15 17:43:24 -05:00
adc include/hw/qdev-properties: Remove DEFINE_PROP_END_OF_LIST 2024-12-19 19:36:37 +01:00
alpha hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
arm hw/arm: Remove all invalid uses of auto_create_sdcard=true 2025-02-16 14:25:08 +01:00
audio Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
avr hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
block Block layer patches 2025-02-10 13:25:36 -05:00
char hw/char: Add emulation of Diva GSP PCI management boards 2025-02-04 22:57:34 +01:00
core hw/boards: Rename no_sdcard -> auto_create_sdcard 2025-02-16 14:25:08 +01:00
cpu hw/cpu/arm: Declare CPU QOM types using DEFINE_TYPES() macro 2025-02-07 16:09:19 +00:00
cxl Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
display hw/display: Have RAMFB device inherit from DYNAMIC_SYS_BUS_DEVICE 2025-02-16 14:25:07 +01:00
dma Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
fsi hw: Use device_class_set_legacy_reset() instead of opencoding 2024-09-13 15:31:44 +01:00
gpio hw/gpio/imx_gpio: Turn DPRINTF() into trace events 2025-01-13 17:16:04 +01:00
hppa hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
hyperv qapi: Move include/qapi/qmp/ to include/qobject/ 2025-02-10 15:33:16 +01:00
i2c hw/i2c/imx_i2c: Convert DPRINTF() to trace events 2025-01-13 17:16:04 +01:00
i386 hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
ide Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
input Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
intc hw/intc/apic: Fixes magic number use, removes outdated comment 2025-02-16 14:25:07 +01:00
ipack hw/ipack: Remove legacy qemu_allocate_irqs() use 2025-01-31 19:36:44 +01:00
ipmi Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
isa Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
loongarch hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
m68k hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
mem hw/cxl: Fix msix_notify: Assertion vector < dev->msix_entries_nr 2025-01-15 13:07:30 -05:00
microblaze hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
mips hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
misc Misc HW patches 2025-02-02 11:09:03 -05:00
net hw/net/smc91c111: Ignore attempt to pop from empty RX fifo 2025-02-16 14:25:08 +01:00
nubus include/hw/qdev-properties: Remove DEFINE_PROP_END_OF_LIST 2024-12-19 19:36:37 +01:00
nvme Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
nvram fw_cfg: Don't set callback_opaque NULL in fw_cfg_modify_bytes_read() 2024-12-31 21:21:34 +01:00
openrisc hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
pci qapi: Move include/qapi/qmp/ to include/qobject/ 2025-02-10 15:33:16 +01:00
pci-bridge Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
pci-host hw/pci-host/astro: Add LMMIO range support 2025-02-04 22:57:34 +01:00
ppc hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
remote hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
riscv hw/riscv/opentitan: Include missing 'exec/address-spaces.h' header 2025-02-16 14:25:08 +01:00
rtc Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
rx hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
s390x hw/boards: Rename no_sdcard -> auto_create_sdcard 2025-02-16 14:25:08 +01:00
scsi block: remove unused BLOCK_OP_TYPE_DATAPLANE 2025-02-06 14:51:10 +01:00
sd hw/sd: Remove unused SDState::enable 2025-01-31 19:36:44 +01:00
sensor hw/sensor: Replace type_register() with type_register_static() 2024-12-10 18:49:25 +01:00
sh4 hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
smbios include: Rename sysemu/ -> system/ 2024-12-20 17:44:56 +01:00
sparc hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
sparc64 hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
ssi Accel & Exec patch queue 2024-12-21 11:07:00 -05:00
timer i386: enable rust hpet for pc when rust is enabled 2025-02-13 12:51:34 +01:00
tpm hw/tpm: Have TPM TIS sysbus device inherit from DYNAMIC_SYS_BUS_DEVICE 2025-02-16 14:25:07 +01:00
tricore hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
ufs hw/ufs: Adjust value to match CPU's endian format 2025-01-13 17:16:04 +01:00
usb hw/xen: Prefer QOM cast for XenLegacyDevice 2025-02-16 14:25:08 +01:00
vfio hw/vfio: Have VFIO_PLATFORM devices inherit from DYNAMIC_SYS_BUS_DEVICE 2025-02-16 14:25:07 +01:00
virtio qapi: Move include/qapi/qmp/ to include/qobject/ 2025-02-10 15:33:16 +01:00
watchdog aspeed/wdt: Support software reset mode for AST2600 2025-01-27 09:38:15 +01:00
xen hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
xenpv hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
xtensa hw/boards: Do not create unusable default if=sd drives 2025-02-16 14:25:08 +01:00
Kconfig hw: Remove PCMCIA subsystem 2024-10-15 15:16:17 +01:00
meson.build hw: Remove PCMCIA subsystem 2024-10-15 15:16:17 +01:00