[Qemu-devel] [PULL 0/2] Net patches

qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed

* [Qemu-devel] [PULL 0/2] Net patches
@ 2016-08-18  5:40 Jason Wang
  2016-08-18  5:40 ` [Qemu-devel] [PULL 1/2] net: vmxnet: use g_new for pkt initialisation Jason Wang
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Jason Wang @ 2016-08-18  5:40 UTC (permalink / raw)
  To: qemu-devel, peter.maydell; +Cc: Jason Wang

The following changes since commit 5f0e775348082c355769a3df612e055abea61c06:

  Update version for v2.7.0-rc3 release (2016-08-16 17:34:30 +0100)

are available in the git repository at:

  https://github.com/jasowang/qemu.git tags/net-pull-request

for you to fetch changes up to e9e0a5854b6dc888f44e7e280a007326714199a6:

  net/net: properly handle multiple packets in net_fill_rstate() (2016-08-18 12:20:57 +0800)

----------------------------------------------------------------

----------------------------------------------------------------
Li Qiang (1):
      net: vmxnet: use g_new for pkt initialisation

Zhang Chen (1):
      net/net: properly handle multiple packets in net_fill_rstate()

 hw/net/net_tx_pkt.c | 5 ++---
 net/net.c           | 8 ++++----
 2 files changed, 6 insertions(+), 7 deletions(-)

^ permalink raw reply	[flat|nested] 4+ messages in thread

* [Qemu-devel] [PULL 1/2] net: vmxnet: use g_new for pkt initialisation
  2016-08-18  5:40 [Qemu-devel] [PULL 0/2] Net patches Jason Wang
@ 2016-08-18  5:40 ` Jason Wang
  2016-08-18  5:40 ` [Qemu-devel] [PULL 2/2] net/net: properly handle multiple packets in net_fill_rstate() Jason Wang
  2016-08-18 10:22 ` [Qemu-devel] [PULL 0/2] Net patches Peter Maydell
  2 siblings, 0 replies; 4+ messages in thread
From: Jason Wang @ 2016-08-18  5:40 UTC (permalink / raw)
  To: qemu-devel, peter.maydell; +Cc: Li Qiang, Prasad J Pandit, Jason Wang

From: Li Qiang <liqiang6-s@360.cn>

When network transport abstraction layer initialises pkt, the maximum
fragmentation count is not checked. This could lead to an integer
overflow causing a NULL pointer dereference. Replace g_malloc() with
g_new() to catch the multiplication overflow.

Reported-by: Li Qiang <liqiang6-s@360.cn>
Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
Acked-by: Dmitry Fleytman <dmitry@daynix.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
 hw/net/net_tx_pkt.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/hw/net/net_tx_pkt.c b/hw/net/net_tx_pkt.c
index 53dfaa2..20b2549 100644
--- a/hw/net/net_tx_pkt.c
+++ b/hw/net/net_tx_pkt.c
@@ -65,10 +65,9 @@ void net_tx_pkt_init(struct NetTxPkt **pkt, PCIDevice *pci_dev,
 
     p->pci_dev = pci_dev;
 
-    p->vec = g_malloc((sizeof *p->vec) *
-        (max_frags + NET_TX_PKT_PL_START_FRAG));
+    p->vec = g_new(struct iovec, max_frags + NET_TX_PKT_PL_START_FRAG);
 
-    p->raw = g_malloc((sizeof *p->raw) * max_frags);
+    p->raw = g_new(struct iovec, max_frags);
 
     p->max_payload_frags = max_frags;
     p->max_raw_frags = max_frags;
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [Qemu-devel] [PULL 2/2] net/net: properly handle multiple packets in net_fill_rstate()
  2016-08-18  5:40 [Qemu-devel] [PULL 0/2] Net patches Jason Wang
  2016-08-18  5:40 ` [Qemu-devel] [PULL 1/2] net: vmxnet: use g_new for pkt initialisation Jason Wang
@ 2016-08-18  5:40 ` Jason Wang
  2016-08-18 10:22 ` [Qemu-devel] [PULL 0/2] Net patches Peter Maydell
  2 siblings, 0 replies; 4+ messages in thread
From: Jason Wang @ 2016-08-18  5:40 UTC (permalink / raw)
  To: qemu-devel, peter.maydell; +Cc: Zhang Chen, Li Zhijian, Jason Wang

From: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>

When network is busy, we will receive multiple packets at one time. In
that situation, we should keep trying to do the receiving instead of
finalizing only the first packet.

Signed-off-by: Zhang Chen <zhangchen.fnst@cn.fujitsu.com>
Signed-off-by: Li Zhijian <lizhijian@cn.fujitsu.com>
Signed-off-by: Jason Wang <jasowang@redhat.com>
---
 net/net.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/net/net.c b/net/net.c
index c124b11..d51cb29 100644
--- a/net/net.c
+++ b/net/net.c
@@ -1602,9 +1602,8 @@ void net_socket_rs_init(SocketReadState *rs,
 
 /*
  * Returns
- * 0: SocketReadState is not ready
- * 1: SocketReadState is ready
- * otherwise error occurs
+ * 0: success
+ * -1: error occurs
  */
 int net_fill_rstate(SocketReadState *rs, const uint8_t *buf, int size)
 {
@@ -1652,10 +1651,11 @@ int net_fill_rstate(SocketReadState *rs, const uint8_t *buf, int size)
                 if (rs->finalize) {
                     rs->finalize(rs);
                 }
-                return 1;
             }
             break;
         }
     }
+
+    assert(size == 0);
     return 0;
 }
-- 
2.7.4

^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [Qemu-devel] [PULL 0/2] Net patches
  2016-08-18  5:40 [Qemu-devel] [PULL 0/2] Net patches Jason Wang
  2016-08-18  5:40 ` [Qemu-devel] [PULL 1/2] net: vmxnet: use g_new for pkt initialisation Jason Wang
  2016-08-18  5:40 ` [Qemu-devel] [PULL 2/2] net/net: properly handle multiple packets in net_fill_rstate() Jason Wang
@ 2016-08-18 10:22 ` Peter Maydell
  2 siblings, 0 replies; 4+ messages in thread
From: Peter Maydell @ 2016-08-18 10:22 UTC (permalink / raw)
  To: Jason Wang; +Cc: QEMU Developers

On 18 August 2016 at 06:40, Jason Wang <jasowang@redhat.com> wrote:
> The following changes since commit 5f0e775348082c355769a3df612e055abea61c06:
>
>   Update version for v2.7.0-rc3 release (2016-08-16 17:34:30 +0100)
>
> are available in the git repository at:
>
>   https://github.com/jasowang/qemu.git tags/net-pull-request
>
> for you to fetch changes up to e9e0a5854b6dc888f44e7e280a007326714199a6:
>
>   net/net: properly handle multiple packets in net_fill_rstate() (2016-08-18 12:20:57 +0800)
>
> ----------------------------------------------------------------
>
> ----------------------------------------------------------------

Applied, thanks.

-- PMM

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2016-08-18 10:22 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2016-08-18  5:40 [Qemu-devel] [PULL 0/2] Net patches Jason Wang
2016-08-18  5:40 ` [Qemu-devel] [PULL 1/2] net: vmxnet: use g_new for pkt initialisation Jason Wang
2016-08-18  5:40 ` [Qemu-devel] [PULL 2/2] net/net: properly handle multiple packets in net_fill_rstate() Jason Wang
2016-08-18 10:22 ` [Qemu-devel] [PULL 0/2] Net patches Peter Maydell

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).