Hello,
On Wed, 27 May 2020, Gerd Hoffmann wrote:
Well, the advantage of *not* using pixman is that you can easily switch
the code to use offsets instead of pointers, then apply the mask to the
*final* offset to avoid oob data access:
The mask applied to src_base is not to prevent overflow but
Hi,
> > Well, the advantage of *not* using pixman is that you can easily switch
> > the code to use offsets instead of pointers, then apply the mask to the
> > *final* offset to avoid oob data access:
>
> The mask applied to src_base is not to prevent overflow but to implement
> register limits
On Tue, 26 May 2020, Gerd Hoffmann wrote:
On Thu, May 21, 2020 at 09:39:44PM +0200, BALATON Zoltan wrote:
Besides being faster this should also prevent malicious guests to
abuse 2D engine to overwrite data or cause a crash.
uint32_t src_base = s->twoD_source_base & 0x03FF;
-
On Thu, May 21, 2020 at 09:39:44PM +0200, BALATON Zoltan wrote:
> Besides being faster this should also prevent malicious guests to
> abuse 2D engine to overwrite data or cause a crash.
> uint32_t src_base = s->twoD_source_base & 0x03FF;
> -uint8_t *src = s->local_mem + src_ba
Besides being faster this should also prevent malicious guests to
abuse 2D engine to overwrite data or cause a crash.
Signed-off-by: BALATON Zoltan
---
hw/display/sm501.c | 207 ++---
1 file changed, 119 insertions(+), 88 deletions(-)
diff --git a/hw/disp