qemu-commits

[Qemu-commits] [qemu/qemu] f61d82: cirrus_vga: adding sanity check for v


From: GitHub
Subject: [Qemu-commits] [qemu/qemu] f61d82: cirrus_vga: adding sanity check for vram size
Date: Fri, 11 Jul 2014 11:00:07 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: f61d82c2dfe02a60642a76e8f0034a0244eef2bf
      
https://github.com/qemu/qemu/commit/f61d82c2dfe02a60642a76e8f0034a0244eef2bf
  Author: Gonglei <address@hidden>
  Date:   2014-07-11 (Fri, 11 Jul 2014)

  Changed paths:
    M hw/display/cirrus_vga.c

  Log Message:
  -----------
  cirrus_vga: adding sanity check for vram size

When an invalid vram size is configured for the cirrus card, such as
less than 2 MB, qemu will crash. Following the real hardware, the cirrus
card has 4 MB of video memory. Also, for backward compatibility, accept
8 MB and 16 MB vram sizes.

Signed-off-by: Gonglei <address@hidden>
Reviewed-by: Andreas Färber <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>


  Commit: e8ee4b68bed36471b014c23209299c84b8d4a01b
      
https://github.com/qemu/qemu/commit/e8ee4b68bed36471b014c23209299c84b8d4a01b
  Author: Benjamin Herrenschmidt <address@hidden>
  Date:   2014-07-11 (Fri, 11 Jul 2014)

  Changed paths:
    M hw/display/cirrus_vga.c

  Log Message:
  -----------
  cirrus: Fix build of debug code

Use PRIu64 to print uint64_t

Signed-off-by: Benjamin Herrenschmidt <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>


  Commit: d16136d22af0fcf0d651de04c9e3cbc7137cc6f9
      
https://github.com/qemu/qemu/commit/d16136d22af0fcf0d651de04c9e3cbc7137cc6f9
  Author: Benjamin Herrenschmidt <address@hidden>
  Date:   2014-07-11 (Fri, 11 Jul 2014)

  Changed paths:
    M hw/display/cirrus_vga_rop.h

  Log Message:
  -----------
  cirrus: Fix host CPU blits

Commit b2eb849d4b1fdb6f35d5c46958c7f703cf64cfef
"CVE-2007-1320 - Cirrus LGD-54XX "bitblt" heap overflow" broke
cpu to video blits.

When the ROP function is called from cirrus_bitblt_cputovideo_next(),
we pass 0 for the pitch but only operate on one line at a time. The
added test was tripping because after the initial subtraction, the
pitch becomes negative. Make the test only trip when the height is
larger than one (i.e. the pitch is actually used).

This fixes HW cursor support in Windows NT4.0 (which otherwise was
a white rectangle) and general display of icons in that OS when using
8bpp mode.

Signed-off-by: Benjamin Herrenschmidt <address@hidden>
Signed-off-by: Gerd Hoffmann <address@hidden>


  Commit: ab6d3749c4915cd5692633e321f7745dce06fe77
      
https://github.com/qemu/qemu/commit/ab6d3749c4915cd5692633e321f7745dce06fe77
  Author: Peter Maydell <address@hidden>
  Date:   2014-07-11 (Fri, 11 Jul 2014)

  Changed paths:
    M hw/display/cirrus_vga.c
    M hw/display/cirrus_vga_rop.h

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/kraxel/tags/pull-vga-20140711-1' into staging

vga: some cirrus fixes.

# gpg: Signature made Fri 11 Jul 2014 10:38:32 BST using RSA key ID D3E87138
# gpg: Good signature from "Gerd Hoffmann (work) <address@hidden>"
# gpg:                 aka "Gerd Hoffmann <address@hidden>"
# gpg:                 aka "Gerd Hoffmann (private) <address@hidden>"

* remotes/kraxel/tags/pull-vga-20140711-1:
  cirrus: Fix host CPU blits
  cirrus: Fix build of debug code
  cirrus_vga: adding sanity check for vram size

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/aee230d70715...ab6d3749c491
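
The pitch check described in the "cirrus: Fix host CPU blits" log message, as an added example that is not QEMU's code and not part of the original mail: a simplified copy raster op with the strict guard and the relaxed guard side by side. The function names, the `relaxed` switch and the sample buffers are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified model of a forward "copy" raster op (hypothetical, not QEMU's
 * code). Returns bytes written, or 0 when the pitch guard rejects the blit. */
static int rop_copy_fwd(uint8_t *dst, const uint8_t *src, int dstpitch,
                        int srcpitch, int width, int height, int relaxed)
{
    int x, y, written = 0;
    /* The "initial subtraction": pitches become end-of-line skip deltas. */
    dstpitch -= width;
    srcpitch -= width;
    /* Strict guard: rejects any negative delta, including the single-line
     * pitch-0 call. Relaxed guard: rejects only when a second line exists. */
    if ((relaxed ? height > 1 : 1) && (dstpitch < 0 || srcpitch < 0))
        return 0;
    for (y = 0; y < height; y++) {
        for (x = 0; x < width; x++, written++)
            *dst++ = *src++;
        dst += dstpitch;
        src += srcpitch;
    }
    return written;
}

/* Constructed input: one 4-byte line with pitch 0; returns bytes copied. */
static int single_line_blit(int relaxed)
{
    static const uint8_t line[4] = { 0x11, 0x22, 0x33, 0x44 };
    uint8_t out[4] = { 0 };
    int i, ok = 0;
    rop_copy_fwd(out, line, 0, 0, 4, 1, relaxed);
    for (i = 0; i < 4; i++)
        ok += (out[i] == line[i]);
    return ok;
}

/* Constructed input: two lines with pitch 2 < width 4 must stay rejected. */
static int bad_two_line_blit(int relaxed)
{
    uint8_t out[8] = { 0 }, in[8] = { 0 };
    return rop_copy_fwd(out, in, 2, 2, 4, 2, relaxed);
}

int main(void)
{
    printf("strict=%d relaxed=%d two_line=%d\n", single_line_blit(0),
           single_line_blit(1), bad_two_line_blit(1));
    return 0;
}
```

The relaxed guard lets the single-line pitch-0 call through while a multi-line blit whose pitch is smaller than its width is still refused.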
