[Qemu-commits] [qemu/qemu] f2c8ae: hw/ufs: Fix buffer overflow bug
From: Richard Henderson
Subject: [Qemu-commits] [qemu/qemu] f2c8ae: hw/ufs: Fix buffer overflow bug
Date: Tue, 30 Apr 2024 16:03:46 -0700
Branch: refs/heads/staging
Home: https://github.com/qemu/qemu
Commit: f2c8aeb1afefcda92054c448b21fc59cdd99db30
https://github.com/qemu/qemu/commit/f2c8aeb1afefcda92054c448b21fc59cdd99db30
Author: Jeuk Kim <jeuk20.kim@samsung.com>
Date: 2024-04-29 (Mon, 29 Apr 2024)
Changed paths:
M hw/ufs/ufs.c
Log Message:
-----------
hw/ufs: Fix buffer overflow bug

It fixes the buffer overflow vulnerability in the ufs device.
The bug was detected by sanitizers.

You can reproduce it by:

cat << EOF |\
qemu-system-x86_64 \
-display none -machine accel=qtest -m 512M -M q35 -nodefaults -drive \
file=null-co://,if=none,id=disk0 -device ufs,id=ufs_bus -device \
ufs-lu,drive=disk0,bus=ufs_bus -qtest stdio
outl 0xcf8 0x80000810
outl 0xcfc 0xe0000000
outl 0xcf8 0x80000804
outw 0xcfc 0x06
write 0xe0000058 0x1 0xa7
write 0xa 0x1 0x50
EOF

Resolves: #2299
Fixes: 329f16624499 ("hw/ufs: Support for Query Transfer Requests")
Reported-by: Zheyu Ma <zheyuma97@gmail.com>
Signed-off-by: Jeuk Kim <jeuk20.kim@samsung.com>

Commit: e79b15350ef613efdfa5067d07534c6a82a78a06
https://github.com/qemu/qemu/commit/e79b15350ef613efdfa5067d07534c6a82a78a06
Author: Richard Henderson <richard.henderson@linaro.org>
Date: 2024-04-30 (Tue, 30 Apr 2024)
Changed paths:
M hw/ufs/ufs.c
Log Message:
-----------
Merge tag 'pull-ufs-20240429' of https://gitlab.com/jeuk20.kim/qemu into staging

ufs queue

# gpg: Signature made Sun 28 Apr 2024 08:16:55 PM PDT
# gpg: using RSA key 5017D831597C78A3D907EEF712E2204C0E5DB602
# gpg: Good signature from "Jeuk Kim <jeuk20.kim@samsung.com>" [unknown]
# gpg: aka "Jeuk Kim <jeuk20.kim@gmail.com>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 5017 D831 597C 78A3 D907 EEF7 12E2 204C 0E5D B602
* tag 'pull-ufs-20240429' of https://gitlab.com/jeuk20.kim/qemu:
hw/ufs: Fix buffer overflow bug
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Compare: https://github.com/qemu/qemu/compare/9c6c079bc672...e79b15350ef6