Re: [Qemu-devel] [PATCH v2 for-2.2 4/4] rtl8139: fix Pointer to local ou

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-devel] [PATCH v2 for-2.2 4/4] rtl8139: fix Pointer to local ou

From:	Jason Wang
Subject:	Re: [Qemu-devel] [PATCH v2 for-2.2 4/4] rtl8139: fix Pointer to local outside scope
Date:	Fri, 21 Nov 2014 09:42:34 +0800
User-agent:	Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0

On 11/20/2014 07:35 PM, address@hidden wrote:
> From: Gonglei <address@hidden>
>
> Coverity spot:
>  Assigning: iov = struct iovec [3]({{buf, 12UL},
>                        {(void *)dot1q_buf, 4UL},
>                        {buf + 12, size - 12}})
>  (address of temporary variable of type struct iovec [3]).
>  out_of_scope: Temporary variable of type struct iovec [3] goes out of scope.
>
> Pointer to local outside scope (RETURN_LOCAL)
> use_invalid:
>  Using iov, which points to an out-of-scope temporary variable of type struct 
> iovec [3].
>
> Signed-off-by: Gonglei <address@hidden>
> Signed-off-by: Paolo Bonzini <address@hidden>
> ---
>  hw/net/rtl8139.c | 4 ++++
>  1 file changed, 4 insertions(+)
>
> diff --git a/hw/net/rtl8139.c b/hw/net/rtl8139.c
> index 8b8a1b1..5f0197c 100644
> --- a/hw/net/rtl8139.c
> +++ b/hw/net/rtl8139.c
> @@ -1775,6 +1775,7 @@ static void rtl8139_transfer_frame(RTL8139State *s, 
> uint8_t *buf, int size,
>      int do_interrupt, const uint8_t *dot1q_buf)
>  {
>      struct iovec *iov = NULL;
> +    struct iovec vlan_iov[3];
>  
>      if (!size)
>      {
> @@ -1789,6 +1790,9 @@ static void rtl8139_transfer_frame(RTL8139State *s, 
> uint8_t *buf, int size,
>              { .iov_base = buf + ETHER_ADDR_LEN * 2,
>                  .iov_len = size - ETHER_ADDR_LEN * 2 },
>          };
> +
> +        memcpy(vlan_iov, iov, sizeof(vlan_iov));
> +        iov = vlan_iov;
>      }
>  
>      if (TxLoopBack == (s->TxConfig & TxLoopBack))

Reviewed-by: Jason Wang <address@hidden>

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH v2 for-2.2 0/4] net: fix high impact outstanding defects reported by Coverity, arei.gonglei, 2014/11/20
- [Qemu-devel] [PATCH v2 for-2.2 1/4] net/slirp: fix memory leak, arei.gonglei, 2014/11/20
- [Qemu-devel] [PATCH v2 for-2.2 2/4] net/socket: fix Uninitialized scalar variable, arei.gonglei, 2014/11/20
- [Qemu-devel] [PATCH v2 for-2.2 4/4] rtl8139: fix Pointer to local outside scope, arei.gonglei, 2014/11/20
  - Re: [Qemu-devel] [PATCH v2 for-2.2 4/4] rtl8139: fix Pointer to local outside scope, Jason Wang <=
- [Qemu-devel] [PATCH v2 for-2.2 3/4] pcnet: fix Negative array index read, arei.gonglei, 2014/11/20
  - Re: [Qemu-devel] [PATCH v2 for-2.2 3/4] pcnet: fix Negative array index read, Jason Wang, 2014/11/20
- Re: [Qemu-devel] [PATCH v2 for-2.2 0/4] net: fix high impact outstanding defects reported by Coverity, Paolo Bonzini, 2014/11/20

Prev by Date: Re: [Qemu-devel] [PATCH v2 for-2.2 3/4] pcnet: fix Negative array index read
Next by Date: [Qemu-devel] [PATCH] gtk: Don't crash if -nodefaults
Previous by thread: [Qemu-devel] [PATCH v2 for-2.2 4/4] rtl8139: fix Pointer to local outside scope
Next by thread: [Qemu-devel] [PATCH v2 for-2.2 3/4] pcnet: fix Negative array index read
Index(es):
- Date
- Thread