QEMU-Nyx-fork/display at d34d5b3bbd31f51dbeee011d4123d33d3b8b43a7 - QEMU-Nyx-fork - Gitea: Git Fakultät Informatik TU Dortmund

david.venhoff/QEMU-Nyx-fork

History

Gerd Hoffmann 92f2b88cea cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo (CVE-2017-2620)

CIRRUS_BLTMODE_MEMSYSSRC blits do NOT check blit destination
and blit width, at all.  Oops.  Fix it.

Security impact: high.

The missing blit destination check allows to write to host memory.
Basically same as CVE-2014-8106 for the other blit variants.

Cc: qemu-stable@nongnu.org
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>

2017-02-24 14:35:50 +01:00

..

ads7846.c

ssi: change ssi_slave_init to be a realize ops

2016-07-04 13:15:22 +01:00

bcm2835_fb.c

hw: explicitly include qemu/log.h

2016-05-19 16:42:29 +02:00

blizzard.c

hw/display/blizzard: Remove blizzard_template.h

2016-05-12 13:22:30 +01:00

cg3.c

hw: explicitly include qemu/log.h

2016-05-19 16:42:29 +02:00

cirrus_vga_rop2.h

…

cirrus_vga_rop.h

cirrus: Fix host CPU blits

2014-07-11 10:17:02 +02:00

cirrus_vga.c

cirrus: add blit_is_unsafe call to cirrus_bitblt_cputovideo (CVE-2017-2620)

2017-02-24 14:35:50 +01:00

dpcd.c

aux: Rename aux.[ch] to auxbus.[ch] for the benefit of Windows

2016-07-07 13:47:01 +01:00

exynos4210_fimd.c

hw/display: QOM'ify exynos4210_fimd.c

2016-05-12 13:22:27 +01:00

framebuffer.c

hw/display/framebuffer.c: Avoid overflow for framebuffers > 4GB

2017-01-24 23:26:53 +03:00

framebuffer.h

framebuffer: set DIRTY_MEMORY_VGA on RAM that is used for the framebuffer

2015-07-24 13:57:45 +02:00

g364fb.c

migration: consolidate VMStateField.start

2017-02-13 17:27:13 +00:00

jazz_led.c

hw/display: QOM'ify jazz_led.c

2016-05-13 09:33:38 +01:00

Makefile.objs

introduce xlnx-dp

2016-06-14 16:01:03 +01:00

milkymist-tmu2.c

char: rename CharDriverState Chardev

2017-01-27 18:07:59 +01:00

milkymist-vgafb_template.h

…

milkymist-vgafb.c

milkymist: update specification URLs

2016-06-20 18:12:04 +02:00

omap_dss.c

hw/display: Clean up includes

2016-01-29 15:07:24 +00:00

omap_lcd_template.h

omap_lcdc: Remove support for DEPTH != 32

2016-05-12 13:22:24 +01:00

omap_lcdc.c

omap_lcdc: Remove support for DEPTH != 32

2016-05-12 13:22:24 +01:00

pl110_template.h

…

pl110.c

hw/display: QOM'ify pl110.c

2016-10-24 16:26:56 +01:00

pxa2xx_lcd.c

arm: Clean up includes

2016-01-29 15:07:23 +00:00

pxa2xx_template.h

…

qxl-logger.c

hw/display: Clean up includes

2016-01-29 15:07:24 +00:00

qxl-render.c

hw/display: Clean up includes

2016-01-29 15:07:24 +00:00

qxl.c

qxl: switch to constants within BUILD_BUG_ON

2017-01-31 15:57:27 +02:00

qxl.h

Clean up decorations and whitespace around header guards

2016-07-12 16:20:46 +02:00

sm501_template.h

hw: use ld_p/st_p instead of ld_raw/st_raw

2014-06-05 16:04:17 +02:00

sm501.c

char: rename CharDriverState Chardev

2017-01-27 18:07:59 +01:00

ssd0303.c

i2c: Allow I2C devices to NAK start events

2017-01-09 11:40:20 +00:00

ssd0323.c

vmstateify ssd0323 display

2016-09-22 18:13:08 +01:00

tc6393xb_template.h

…

tc6393xb.c

qemu-common: stop including qemu/host-utils.h from qemu-common.h

2016-05-19 16:42:28 +02:00

tcx.c

hw: explicitly include qemu-common.h and cpu.h

2016-03-22 22:20:17 +01:00

trace-events

cirrus: replace debug printf with trace points

2017-02-10 16:49:45 +01:00

vga_int.h

Clean up decorations and whitespace around header guards

2016-07-12 16:20:46 +02:00

vga-helpers.h

vga: Rename vga_template.h to vga-helpers.h

2014-09-30 13:34:09 +02:00

vga-isa-mm.c

hw/display: Clean up includes

2016-01-29 15:07:24 +00:00

vga-isa.c

portio: keep references on portio

2016-09-08 18:05:21 +04:00

vga-pci.c

hw/display: Clean up includes

2016-01-29 15:07:24 +00:00

vga.c

vga: replace debug printf with trace points

2017-02-10 16:49:45 +01:00

vga.h

Clean up ill-advised or unusual header guards

2016-07-12 16:20:46 +02:00

virtio-gpu-3d.c

virtio-gpu: fix resource leak in virgl_cmd_resource_unref

2017-02-10 16:49:45 +01:00

virtio-gpu-pci.c

virtio-gpu-pci: tag as not hotpluggable

2016-09-13 09:26:58 +02:00

virtio-gpu.c

virtio-gpu: fix memory leak in set scanout

2017-02-10 16:49:45 +01:00

virtio-vga.c

virtio: rename the bar index field name in VirtIOPCIProxy

2016-10-08 11:25:29 +03:00

vmware_vga.c

vmsvga: correct bitmap and pixmap size checks

2016-09-13 09:24:35 +02:00

xenfb.c

xen: Rename xen_be_find_xendev

2016-10-28 17:54:39 -07:00

xlnx_dp.c

hw: Fix typos found by codespell

2017-01-24 23:26:52 +03:00