[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-stable] [PULL 1/3] net: check fragment length during fragmentation
|
From: |
Jason Wang |
|
Subject: |
[Qemu-stable] [PULL 1/3] net: check fragment length during fragmentation |
|
Date: |
Tue, 9 Aug 2016 15:34:31 +0800 |
From: Prasad J Pandit <address@hidden>
Network transport abstraction layer supports packet fragmentation.
While fragmenting a packet, it checks for more fragments from
packet length and current fragment length. It is susceptible
to an infinite loop, if the current fragment length is zero.
Add check to avoid it.
Reported-by: Li Qiang <address@hidden>
Signed-off-by: Prasad J Pandit <address@hidden>
Reviewed-by: Dmitry Fleytman <address@hidden>
CC: address@hidden
Signed-off-by: Jason Wang <address@hidden>
---
hw/net/net_tx_pkt.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/net/net_tx_pkt.c b/hw/net/net_tx_pkt.c
index efd43b4..53dfaa2 100644
--- a/hw/net/net_tx_pkt.c
+++ b/hw/net/net_tx_pkt.c
@@ -590,7 +590,7 @@ static bool net_tx_pkt_do_sw_fragmentation(struct NetTxPkt
*pkt,
fragment_offset += fragment_len;
- } while (more_frags);
+ } while (fragment_len && more_frags);
return true;
}
--
2.7.4
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [Qemu-stable] [PULL 1/3] net: check fragment length during fragmentation,
Jason Wang <=