mirror_qemu/linux-user
Peter Maydell 7174970a94 linux-user: Fix length calculations in host_to_target_cmsg()
The handling of length calculations in host_to_target_cmsg()
was rather confused:
 * when checking for whether the target cmsg header fit in
   the remaining buffer, we were using the host struct size,
   not the target size
 * we were setting tgt_len to "target payload + header length"
   but then using it as if it were the target payload length alone
 * in various message type cases we weren't handling the possibility
   that host or target buffers were truncated

Fix these problems. The second one in particular is liable
to result in us overrunning the guest provided buffer,
since we will try to convert more data than is actually
present.

Fixes: https://bugs.launchpad.net/qemu/+bug/1701808
Reported-by: Bruno Haible <bruno@clisp.org>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Message-Id: <1513345976-22958-2-git-send-email-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>
2018-01-23 14:20:52 +01:00
aarch64 linux-user: Add separate aarch64_be uname 2018-01-11 13:25:31 +00:00
alpha linux-user: Handle ERFKILL and EHWPOISON 2017-01-22 18:14:10 -08:00
arm linux-user/arm/nwfpe: Check coprocessor number for FPA emulation 2018-01-11 13:25:39 +00:00
cris linux-user: Clean up target_structs.h header guards 2016-07-12 16:19:16 +02:00
host Replace 'struct ucontext' with 'ucontext_t' type 2017-07-20 10:10:28 +01:00
hppa linux-user/hppa: Fix typo for TARGET_NR_epoll_wait 2017-11-07 21:58:13 +02:00
i386 linux-user: fix TARGET_NR_select 2016-09-22 07:24:21 +03:00
m68k linux-user: Update m68k syscall definitions to match Linux 4.6 2017-02-16 15:29:26 +01:00
microblaze linux-user: fix TARGET_NR_select 2016-09-22 07:24:21 +03:00
mips linux-user: Handle ERFKILL and EHWPOISON 2017-01-22 18:14:10 -08:00
mips64 linux-user: Handle ERFKILL and EHWPOISON 2017-01-22 18:14:10 -08:00
nios2 nios2: Add usermode binaries emulation 2017-01-24 13:10:35 -08:00
openrisc target/openrisc: implement shadow registers 2017-05-04 09:39:01 +09:00
ppc ppc: Fix signal delivery in ppc-user and ppc64-user 2016-09-23 10:29:40 +10:00
s390x linux-user: Clean up target_structs.h header guards 2016-07-12 16:19:16 +02:00
sh4 linux-user: Update sh4 syscall definitions to match Linux 4.8 2017-02-16 15:29:16 +01:00
sparc sparc: embed sparc_def_t into CPUSPARCState 2017-09-01 11:54:24 -03:00
sparc64 linux-user: sparc64: Use correct target SHMLBA in shmat() 2016-10-21 15:19:40 +03:00
tilegx linux-user: fix TARGET_NR_select 2016-09-22 07:24:21 +03:00
unicore32 linux-user: Clean up target_structs.h header guards 2016-07-12 16:19:16 +02:00
x86_64 linux-user: Fix target_semid_ds structure definition 2016-08-04 16:36:53 +03:00
Makefile.objs linux-user: Provide safe_syscall for fixing races between signals and syscalls 2016-05-27 14:49:51 +03:00
elfload.c linux-user: Fix calculation of auxv length 2017-11-20 16:15:41 +02:00
errno_defs.h linux-user: Handle ERFKILL and EHWPOISON 2017-01-22 18:14:10 -08:00
flat.h Support for 32 bit ABI on 64 bit targets (only enabled Sparc64) 2007-10-14 16:27:31 +00:00
flatload.c linux-user: Fix error handling in flatload.c target_pread() 2016-09-21 14:27:19 +03:00
ioctls.h linux-user: Add some random ioctls 2017-10-16 21:00:04 +03:00
linux_loop.h linux-user: Add loop control ioctls 2016-07-19 15:22:33 +03:00
linuxload.c linux-user: Clean up includes 2016-01-29 15:07:22 +00:00
m68k-sim.c linux-user: Clean up includes 2016-01-29 15:07:22 +00:00
main.c linux-user: wrap fork() in a start/end exclusive section 2018-01-23 14:20:52 +01:00
mmap.c linux-user: fix tcg/mmap test 2017-02-16 15:29:30 +01:00
qemu.h linux-user: Support stack-grows-up in elfload.c 2017-01-22 18:14:10 -08:00
safe-syscall.S linux-user: Provide safe_syscall for fixing races between signals and syscalls 2016-05-27 14:49:51 +03:00
signal.c linux-user: Fix endianess of aarch64 signal trampoline 2018-01-11 13:25:31 +00:00
socket.h linux-user: Add HPPA socket.h definitions 2017-01-23 09:52:39 -08:00
strace.c linux-user: fix O_TMPFILE handling 2017-10-16 16:00:56 +03:00
strace.list linux-user: add rt_tgsigqueueinfo() strace 2017-05-29 14:56:08 +03:00
syscall.c linux-user: Fix length calculations in host_to_target_cmsg() 2018-01-23 14:20:52 +01:00
syscall_defs.h linux-user: Handle TARGET_MAP_STACK and TARGET_MAP_HUGETLB 2017-11-07 21:58:13 +02:00
syscall_types.h linux-user: Add FICLONE and FICLONERANGE ioctls 2017-02-16 15:29:30 +01:00
target_flat.h linux-user/FLAT: allow targets to override FLAT processing 2011-02-09 10:33:54 +02:00
trace-events trace-events: fix code style: print 0x before hex numbers 2017-08-01 12:13:07 +01:00
uaccess.c util: move declarations out of qemu-common.h 2016-03-22 22:20:17 +01:00
uname.c linux-user: Clean up includes 2016-01-29 15:07:22 +00:00
uname.h Clean up decorations and whitespace around header guards 2016-07-12 16:20:46 +02:00
vm86.c linux-user: Clean up includes 2016-01-29 15:07:22 +00:00