diff options
Diffstat (limited to 'meta/recipes-devtools/qemu/qemu/CVE-2020-13253_3.patch')
-rw-r--r-- | meta/recipes-devtools/qemu/qemu/CVE-2020-13253_3.patch | 86 |
1 files changed, 86 insertions, 0 deletions
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_3.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_3.patch new file mode 100644 index 0000000000..b512b2bd7f --- /dev/null +++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-13253_3.patch | |||
@@ -0,0 +1,86 @@ | |||
1 | From 794d68de2f021a6d3874df41d6bbe8590ec05207 Mon Sep 17 00:00:00 2001 | ||
2 | From: =?utf8?q?Philippe=20Mathieu-Daud=C3=A9?= <f4bug@amsat.org> | ||
3 | Date: Mon, 13 Jul 2020 09:27:35 +0200 | ||
4 | Subject: [PATCH] hw/sd/sdcard: Update coding style to make checkpatch.pl happy | ||
5 | MIME-Version: 1.0 | ||
6 | Content-Type: text/plain; charset=utf8 | ||
7 | Content-Transfer-Encoding: 8bit | ||
8 | |||
9 | To make the next commit easier to review, clean this code first. | ||
10 | |||
11 | Reviewed-by: Peter Maydell <peter.maydell@linaro.org> | ||
12 | Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> | ||
13 | Reviewed-by: Alistair Francis <alistair.francis@wdc.com> | ||
14 | Reviewed-by: Alexander Bulekov <alxndr@bu.edu> | ||
15 | Message-Id: <20200630133912.9428-3-f4bug@amsat.org> | ||
16 | |||
17 | Upstram-Status: Backport: | ||
18 | https://git.qemu.org/?p=qemu.git;a=commit;f=hw/sd/sd.c;h=794d68de2f021a6d3874df41d6bbe8590ec05207 | ||
19 | |||
20 | CVE: CVE-2020-13253 | ||
21 | |||
22 | Signed-off-by: Davide Gardenal <davide.gardenal@huawei.com> | ||
23 | --- | ||
24 | diff --git a/hw/sd/sd.c b/hw/sd/sd.c | ||
25 | --- a/hw/sd/sd.c (revision b0ca999a43a22b38158a222233d3f5881648bb4f) | ||
26 | +++ b/hw/sd/sd.c (date 1647514442924) | ||
27 | @@ -1154,8 +1154,9 @@ | ||
28 | sd->data_start = addr; | ||
29 | sd->data_offset = 0; | ||
30 | |||
31 | - if (sd->data_start + sd->blk_len > sd->size) | ||
32 | + if (sd->data_start + sd->blk_len > sd->size) { | ||
33 | sd->card_status |= ADDRESS_ERROR; | ||
34 | + } | ||
35 | return sd_r1; | ||
36 | |||
37 | default: | ||
38 | @@ -1170,8 +1171,9 @@ | ||
39 | sd->data_start = addr; | ||
40 | sd->data_offset = 0; | ||
41 | |||
42 | - if (sd->data_start + sd->blk_len > sd->size) | ||
43 | + if (sd->data_start + sd->blk_len > sd->size) { | ||
44 | sd->card_status |= ADDRESS_ERROR; | ||
45 | + } | ||
46 | return sd_r1; | ||
47 | |||
48 | default: | ||
49 | @@ -1216,12 +1218,15 @@ | ||
50 | sd->data_offset = 0; | ||
51 | sd->blk_written = 0; | ||
52 | |||
53 | - if (sd->data_start + sd->blk_len > sd->size) | ||
54 | + if (sd->data_start + sd->blk_len > sd->size) { | ||
55 | sd->card_status |= ADDRESS_ERROR; | ||
56 | - if (sd_wp_addr(sd, sd->data_start)) | ||
57 | + } | ||
58 | + if (sd_wp_addr(sd, sd->data_start)) { | ||
59 | sd->card_status |= WP_VIOLATION; | ||
60 | - if (sd->csd[14] & 0x30) | ||
61 | + } | ||
62 | + if (sd->csd[14] & 0x30) { | ||
63 | sd->card_status |= WP_VIOLATION; | ||
64 | + } | ||
65 | return sd_r1; | ||
66 | |||
67 | default: | ||
68 | @@ -1240,12 +1245,15 @@ | ||
69 | sd->data_offset = 0; | ||
70 | sd->blk_written = 0; | ||
71 | |||
72 | - if (sd->data_start + sd->blk_len > sd->size) | ||
73 | + if (sd->data_start + sd->blk_len > sd->size) { | ||
74 | sd->card_status |= ADDRESS_ERROR; | ||
75 | - if (sd_wp_addr(sd, sd->data_start)) | ||
76 | + } | ||
77 | + if (sd_wp_addr(sd, sd->data_start)) { | ||
78 | sd->card_status |= WP_VIOLATION; | ||
79 | - if (sd->csd[14] & 0x30) | ||
80 | + } | ||
81 | + if (sd->csd[14] & 0x30) { | ||
82 | sd->card_status |= WP_VIOLATION; | ||
83 | + } | ||
84 | return sd_r1; | ||
85 | |||
86 | default: | ||