On Sun, Jan 06, 2008 at 11:03:45PM +0100, Fabrice Bellard wrote:
> 
> QEMU version 0.9.1 is out !

And if you want to install an OpenSolaris guest on it, apply the attached
patch over it.

The patch prevents OpenSolaris from overflowing a small buffer when querying
the emulated CDROM for its capabilities and getting more data than requested
at install time.

Beware that there are still other problems with the implementation of that
command that are being addressed in a bigger patch that is still under
revision.

Carlo
Index: hw/ide.c
===================================================================
RCS file: /sources/qemu/qemu/hw/ide.c,v
retrieving revision 1.79
diff -u -p -r1.79 ide.c
--- hw/ide.c    24 Dec 2007 14:33:24 -0000      1.79
+++ hw/ide.c    7 Jan 2008 05:24:16 -0000
@@ -1648,6 +1648,7 @@ static void ide_atapi_cmd(IDEState *s)
                                     ASC_INV_FIELD_IN_CMD_PACKET);
                 break;
             }
+            max_len = ube16_to_cpu(packet + 7);
             memset(buf, 0, 32);
             bdrv_get_geometry(s->bs, &total_sectors);
             buf[3] = 16;
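Review bot: the added `max_len = ube16_to_cpu(packet + 7);` reads the guest's 16-bit allocation length out of packet bytes 7-8 without a comment saying so; a `/* allocation length requested by the guest */` beside it would save the next reader a trip to the MMC spec. The line also relies on `max_len` being declared earlier in ide_atapi_cmd(), outside the visible context, so please confirm it exists there and is at least an int, and note that the value is deliberately left unclamped here because the reply helper is expected to bound it.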
@@ -1658,7 +1659,7 @@ static void ide_atapi_cmd(IDEState *s)
             buf[14] = buf[7] == 0x10; /* (in)active */
             buf[17] = 0x08; /* CD-ROM profile */
             buf[18] = buf[7] == 0x08; /* (in)active */
-            ide_atapi_cmd_reply(s, 32, 32);
+            ide_atapi_cmd_reply(s, 32, max_len);
             break;
         }
     default:
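Review bot: replacing the hard-coded 32 with `max_len` in `ide_atapi_cmd_reply(s, 32, max_len);` makes the fix depend entirely on ide_atapi_cmd_reply() clamping its `size` argument (32) to `max_size`, which this hunk does not show; if that helper copies `size` bytes regardless, the guest still receives 32 bytes and the overflow the mail describes is not fixed. Worth stating that dependency in the commit message, and a guest allocation length of 0 should end in an empty transfer rather than a full 32-byte one, so it is worth checking that the helper handles `max_size == 0` too.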

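To make the bug and the fix concrete outside the QEMU tree, here is an added, self-contained example (not Carlo's patch and not QEMU code) that models the reply path: a 12-byte ATAPI packet carries the guest's allocation length in bytes 7-8, the device builds a fixed 32-byte reply, and the transfer length must be the smaller of the two. The command is assumed to be MMC GET CONFIGURATION (opcode 0x46), which is what the capability query in the mail appears to be; the function names, the simulated guest buffer and the packet contents are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Illustrative constants; names are assumptions, not QEMU's. */
#define ATAPI_PACKET_LEN 12      /* ATAPI command packets are 12 bytes */
#define GET_CONFIGURATION 0x46   /* MMC GET CONFIGURATION opcode (assumed command) */
#define REPLY_SIZE 32            /* size of the fixed reply buffer, as in the patch */

/* Big-endian 16-bit read, the same job ube16_to_cpu() does in ide.c. */
static uint16_t be16_read(const uint8_t *p)
{
    return (uint16_t)(((uint16_t)p[0] << 8) | p[1]);
}

/* Number of bytes the device may return: the smaller of the reply it built
 * and the allocation length the guest placed in packet bytes 7..8.
 * Returns -1 for a packet that is too short or not the expected opcode. */
int atapi_reply_len(const uint8_t *packet, size_t packet_len, int reply_size)
{
    if (packet_len < ATAPI_PACKET_LEN || packet[0] != GET_CONFIGURATION)
        return -1;
    int max_len = be16_read(packet + 7);
    return reply_size < max_len ? reply_size : max_len;
}

/* Constructed 12-byte packet asking for alloc_len bytes. */
void make_get_configuration_packet(uint8_t *packet, uint16_t alloc_len)
{
    memset(packet, 0, ATAPI_PACKET_LEN);
    packet[0] = GET_CONFIGURATION;
    packet[7] = (uint8_t)(alloc_len >> 8);
    packet[8] = (uint8_t)(alloc_len & 0xff);
}

/* Simulated transfer into a guest buffer of guest_cap bytes. Returns the
 * number of bytes written, or -1 if the copy would overrun the guest's
 * buffer, which is what happened before the patch when the guest asked
 * for fewer than 32 bytes. */
int transfer_to_guest(uint8_t *guest_buf, size_t guest_cap,
                      const uint8_t *reply, int len)
{
    if (len < 0 || (size_t)len > guest_cap)
        return -1;
    memcpy(guest_buf, reply, (size_t)len);
    return len;
}

/* One capability query. clamp_to_alloc_len == 0 reproduces the old
 * behaviour (always 32 bytes); 1 reproduces the patched behaviour.
 * Returns bytes delivered to the guest, or -1 on overrun. */
int query_capabilities(uint16_t alloc_len, int clamp_to_alloc_len)
{
    uint8_t packet[ATAPI_PACKET_LEN], reply[REPLY_SIZE], guest_buf[REPLY_SIZE];
    make_get_configuration_packet(packet, alloc_len);
    memset(reply, 0, sizeof reply);
    reply[3] = 16; /* feature data length byte, as set in the patched hunk */
    int len = clamp_to_alloc_len
                  ? atapi_reply_len(packet, sizeof packet, REPLY_SIZE)
                  : REPLY_SIZE;
    /* The guest only reserved alloc_len bytes (bounded by our scratch size). */
    size_t cap = alloc_len < REPLY_SIZE ? alloc_len : REPLY_SIZE;
    return transfer_to_guest(guest_buf, cap, reply, len);
}

int main(void)
{
    printf("guest asks 8, old code : %d\n", query_capabilities(8, 0));   /* -1 */
    printf("guest asks 8, patched  : %d\n", query_capabilities(8, 1));   /* 8 */
    printf("guest asks 64, patched : %d\n", query_capabilities(64, 1));  /* 32 */
    printf("guest asks 0, patched  : %d\n", query_capabilities(0, 1));   /* 0 */
    return 0;
}
```

The clamp lives in one place (atapi_reply_len) so every caller that builds a fixed-size reply gets the same min(reply size, allocation length) rule; an allocation length of zero yields an empty transfer rather than a full copy.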