[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for-2.0] virtio-net: fix guest-triggerable buffe
|
From: |
Michael S. Tsirkin |
|
Subject: |
Re: [Qemu-devel] [PATCH for-2.0] virtio-net: fix guest-triggerable buffer overrun |
|
Date: |
Tue, 22 Apr 2014 18:24:57 +0300 |
On Tue, Apr 22, 2014 at 02:43:42PM +0100, Alin Dobre wrote:
> Hello,
>
> For the 1.6 branch, is this as straight forward as the following diff,
> or is there anything I'm missing?
I think it's the same.
> diff --git a/hw/net/virtio-net.c b/hw/net/virtio-net.c
> index 5320aab..a42d241 100644
> --- a/hw/net/virtio-net.c
> +++ b/hw/net/virtio-net.c
> @@ -655,7 +655,7 @@ static int virtio_net_handle_mac(VirtIONet *n,
> uint8_t cmd,
> goto error;
> }
>
> - if (n->mac_table.in_use + mac_data.entries <= MAC_TABLE_ENTRIES) {
> + if (mac_data.entries <= MAC_TABLE_ENTRIES - n->mac_table.in_use) {
> s = iov_to_buf(iov, iov_cnt, 0, n->mac_table.macs,
> mac_data.entries * ETH_ALEN);
> if (s != mac_data.entries * ETH_ALEN) {
>
> Cheers,
> Alin.