diff options
Diffstat (limited to 'app-emulation/qemu/files')
3 files changed, 32 insertions, 68 deletions
diff --git a/app-emulation/qemu/files/qemu-3.1.0-CVE-2018-20123.patch b/app-emulation/qemu/files/qemu-3.1.0-CVE-2018-20123.patch deleted file mode 100644 index a021a6a970d2..000000000000 --- a/app-emulation/qemu/files/qemu-3.1.0-CVE-2018-20123.patch +++ /dev/null @@ -1,35 +0,0 @@ -From: Prasad J Pandit <address@hidden> - -If during pvrdma device initialisation an error occurs, -pvrdma_realize() does not release memory resources, leading -to memory leakage. - -Reported-by: Li Qiang <address@hidden> -Signed-off-by: Prasad J Pandit <address@hidden> ---- - hw/rdma/vmw/pvrdma_main.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - -diff --git a/hw/rdma/vmw/pvrdma_main.c b/hw/rdma/vmw/pvrdma_main.c -index 8a03ab4669..b65f8662df 100644 ---- a/hw/rdma/vmw/pvrdma_main.c -+++ b/hw/rdma/vmw/pvrdma_main.c -@@ -579,7 +579,7 @@ static void pvrdma_shutdown_notifier(Notifier *n, void *opaque) - - static void pvrdma_realize(PCIDevice *pdev, Error **errp) - { -- int rc; -+ int rc = 0; - PVRDMADev *dev = PVRDMA_DEV(pdev); - Object *memdev_root; - bool ram_shared = false; -@@ -655,6 +655,7 @@ static void pvrdma_realize(PCIDevice *pdev, Error **errp) - - out: - if (rc) { -+ pvrdma_fini(pdev); - error_append_hint(errp, "Device fail to load\n"); - } - } --- -2.19.2 diff --git a/app-emulation/qemu/files/qemu-3.1.0-CVE-2019-3812.patch b/app-emulation/qemu/files/qemu-3.1.0-CVE-2019-3812.patch deleted file mode 100644 index 03db9e0a1f2d..000000000000 --- a/app-emulation/qemu/files/qemu-3.1.0-CVE-2019-3812.patch +++ /dev/null @@ -1,33 +0,0 @@ -From b05b267840515730dbf6753495d5b7bd8b04ad1c Mon Sep 17 00:00:00 2001 -From: Gerd Hoffmann <kraxel@redhat.com> -Date: Tue, 8 Jan 2019 11:23:01 +0100 -Subject: [PATCH] i2c-ddc: fix oob read -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Suggested-by: Michael Hanselmann <public@hansmi.ch> -Signed-off-by: Gerd Hoffmann <kraxel@redhat.com> -Reviewed-by: Michael Hanselmann <public@hansmi.ch> -Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> -Message-id: 20190108102301.1957-1-kraxel@redhat.com ---- - hw/i2c/i2c-ddc.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/hw/i2c/i2c-ddc.c b/hw/i2c/i2c-ddc.c -index be34fe072c..0a0367ff38 100644 ---- a/hw/i2c/i2c-ddc.c -+++ b/hw/i2c/i2c-ddc.c -@@ -56,7 +56,7 @@ static int i2c_ddc_rx(I2CSlave *i2c) - I2CDDCState *s = I2CDDC(i2c); - - int value; -- value = s->edid_blob[s->reg]; -+ value = s->edid_blob[s->reg % sizeof(s->edid_blob)]; - s->reg++; - return value; - } --- -2.19.2 - diff --git a/app-emulation/qemu/files/qemu-4.0.0-sanitize-interp_info.patch b/app-emulation/qemu/files/qemu-4.0.0-sanitize-interp_info.patch new file mode 100644 index 000000000000..58ff0c788288 --- /dev/null +++ b/app-emulation/qemu/files/qemu-4.0.0-sanitize-interp_info.patch @@ -0,0 +1,32 @@ +linux-user: Sanitize interp_info and, for mips + +Sanitize interp_info structure in load_elf_binary() and, for mips only, +init its field fp_abi. This fixes appearances of "Unexpected FPU mode" +message in some MIPS use cases. + +Signed-off-by: Daniel Santos <address@hidden> +Signed-off-by: Aleksandar Markovic <address@hidden> +--- + linux-user/elfload.c | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git a/linux-user/elfload.c b/linux-user/elfload.c +index c1a2602..7f09d57 100644 +--- a/linux-user/elfload.c ++++ b/linux-user/elfload.c +@@ -2698,6 +2698,11 @@ int load_elf_binary(struct linux_binprm *bprm, struct image_info *info) + char *elf_interpreter = NULL; + char *scratch; + ++ memset(&interp_info, 0, sizeof(interp_info)); ++#ifdef TARGET_MIPS ++ interp_info.fp_abi = MIPS_ABI_FP_UNKNOWN; ++#endif ++ + info->start_mmap = (abi_ulong)ELF_START_MMAP; + + load_elf_image(bprm->filename, bprm->fd, info, +-- +2.7.4 + + |