hw/display/artist: Fix out-of-buffer accesses found while fuzzing

[PATCH 0/3] hw/display/artist: Fix out-of-buffer accesses found while fuzzing

Philippe Mathieu-Daudé posted 3 patches 3 years, 11 months ago

Download series mbox

Test docker-mingw@fedora passed

Test checkpatch passed

Test asan passed

Test docker-quick@centos7 passed

Test FreeBSD passed

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20200523191517.23684-1-f4bug@amsat.org

hw/display/artist.c | 54 +++++++++++++++++++++++++++++++--------------
1 file changed, 37 insertions(+), 17 deletions(-)

Expand all Fold all

[PATCH 0/3] hw/display/artist: Fix out-of-buffer accesses found while fuzzing

Posted by Philippe Mathieu-Daudé 3 years, 11 months ago

Fix various out-of-range buffer access in the artist device
emulation. Bugs found using libFuzzer (docs/devel/fuzzing.txt).

Philippe Mathieu-Daudé (3):
  hw/display/artist: Check offset in draw_line to avoid buffer over-run
  hw/display/artist: Refactor artist_rop8() to avoid buffer over-run
  hw/display/artist: Check offset in block_move to avoid buffer
    over-read

 hw/display/artist.c | 54 +++++++++++++++++++++++++++++++--------------
 1 file changed, 37 insertions(+), 17 deletions(-)

-- 
2.21.3