[Qemu-devel] [PATCH v4 01/13] hpet: Catch out-of-bounds timer access
From: Jan Kiszka
Subject: [Qemu-devel] [PATCH v4 01/13] hpet: Catch out-of-bounds timer access
Date: Sun, 13 Jun 2010 14:15:34 +0200
From: Jan Kiszka <address@hidden>
Also prevent out-of-bounds write access to the timers but don't spam the
host console if it triggers.
Signed-off-by: Jan Kiszka <address@hidden>
---
hw/hpet.c | 6 +++++-
1 files changed, 5 insertions(+), 1 deletions(-)
diff --git a/hw/hpet.c b/hw/hpet.c
index 8729fb2..1980906 100644
--- a/hw/hpet.c
+++ b/hw/hpet.c
@@ -294,7 +294,7 @@ static uint32_t hpet_ram_readl(void *opaque,
target_phys_addr_t addr)
if (index >= 0x100 && index <= 0x3ff) {
uint8_t timer_id = (addr - 0x100) / 0x20;
if (timer_id > HPET_NUM_TIMERS - 1) {
- printf("qemu: timer id out of range\n");
+ DPRINTF("qemu: timer id out of range\n");
return 0;
}
HPETTimer *timer = &s->timer[timer_id];
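Review bot: the out-of-range message in hpet_ram_readl is now the same string that the write path prints, and it carries neither the offending timer_id nor the address, so a debug log cannot tell a bad read from a bad write. Since DPRINTF already takes format arguments elsewhere in this file, consider something like `DPRINTF("qemu: hpet_ram_readl timer id out of range: %#x\n", timer_id);`. The check itself would also read more directly as `timer_id >= HPET_NUM_TIMERS`.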
@@ -383,6 +383,10 @@ static void hpet_ram_writel(void *opaque,
target_phys_addr_t addr,
DPRINTF("qemu: hpet_ram_writel timer_id = %#x \n", timer_id);
HPETTimer *timer = &s->timer[timer_id];
+ if (timer_id > HPET_NUM_TIMERS - 1) {
+ DPRINTF("qemu: timer id out of range\n");
+ return;
+ }
switch ((addr - 0x100) % 0x20) {
case HPET_TN_CFG:
DPRINTF("qemu: hpet_ram_writel HPET_TN_CFG\n");
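Review bot: the new bounds check in hpet_ram_writel sits after `HPETTimer *timer = &s->timer[timer_id];`, so the pointer is already formed from an unvalidated, guest-controlled index before the range is tested. Nothing dereferences it before the early return, but computing an out-of-range element address is still undefined behaviour in C and the ordering differs from hpet_ram_readl, which checks first and only then takes `&s->timer[timer_id]`. Move the `if (timer_id > HPET_NUM_TIMERS - 1)` block above the declaration so both handlers validate before indexing.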
--
1.6.0.2