From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:49626)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1XrMqK-0003sO-EM
	for qemu-devel@nongnu.org; Thu, 20 Nov 2014 03:12:02 -0500
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1XrMqD-00088X-BN
	for qemu-devel@nongnu.org; Thu, 20 Nov 2014 03:11:56 -0500
Received: from mx1.redhat.com ([209.132.183.28]:44379)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <jasowang@redhat.com>) id 1XrMqD-00088R-1a
	for qemu-devel@nongnu.org; Thu, 20 Nov 2014 03:11:49 -0500
Message-ID: <546DA23A.9040807@redhat.com>
Date: Thu, 20 Nov 2014 16:11:38 +0800
From: Jason Wang <jasowang@redhat.com>
MIME-Version: 1.0
References: <1416463034-8264-1-git-send-email-arei.gonglei@huawei.com>
	<1416463034-8264-5-git-send-email-arei.gonglei@huawei.com>
	<546D8A48.8040502@redhat.com> <546D905A.5020306@redhat.com>
	<546D9449.5020107@huawei.com> <546D9D50.4000500@redhat.com>
	<546DA0B5.3020705@huawei.com>
In-Reply-To: <546DA0B5.3020705@huawei.com>
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Subject: Re: [Qemu-devel] [PATCH 4/4] rtl8139: fix Pointer to local outside
 scope
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: Gonglei <arei.gonglei@huawei.com>
Cc: Paolo Bonzini <pbonzini@redhat.com>, "qemu-devel@nongnu.org" <qemu-devel@nongnu.org>, "stefanha@redhat.com" <stefanha@redhat.com>, "Huangpeng (Peter)" <peter.huangpeng@huawei.com>

On 11/20/2014 04:05 PM, Gonglei wrote:
> On 2014/11/20 15:50, Jason Wang wrote:
>
>>>> Maybe just initialize iov unconditionally at the beginning and check
>>>>>> dot1q_buf instead of iov for the rest of the functions. (Need deal with
>>>>>> size < ETHER_ADDR_LEN * 2)
>>>> More complicated, because we can't initialize iov when
>>>>  "size < ETHER_ADDR_LEN * 2".
>>>>
>>>> Best regards,
>>>> -Gonglei
>>>>
>> Probably not: you can just do something like:
>>
>>     if (dot1q_buf && size < ETHER_ADDR_LEN * 2) {
>>         dot1q_buf = NULL;
>>     }
>>
>> and check dot1q_buf afterwards. Or just drop the packet since its size
>> was less than mininum frame length that Ethernet allows.
> Sorry, I don't understand. But,
> what's your meaning "initialize iov unconditionally at the beginning"?

Something like:

@@ -1774,7 +1774,12 @@ static uint32_t
rtl8139_RxConfig_read(RTL8139State *s)
 static void rtl8139_transfer_frame(RTL8139State *s, uint8_t *buf, int size,
     int do_interrupt, const uint8_t *dot1q_buf)
 {
-    struct iovec *iov = NULL;
+    struct iovec iov[3] = {
+        { .iov_base = buf, .iov_len = ETHER_ADDR_LEN * 2 },
+        { .iov_base = (void *) dot1q_buf, .iov_len = VLAN_HLEN },
+        { .iov_base = buf + ETHER_ADDR_LEN * 2,
+          .iov_len = size - ETHER_ADDR_LEN * 2 },
+    };

and assign dot1q_buf to NULL is size is not ok.

Just a suggestion, your call.