From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:51747) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XrN2l-0001CY-4q for qemu-devel@nongnu.org; Thu, 20 Nov 2014 03:24:53 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1XrN2e-00049B-VO for qemu-devel@nongnu.org; Thu, 20 Nov 2014 03:24:47 -0500 Received: from mx1.redhat.com ([209.132.183.28]:60628) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1XrN2e-000490-Nj for qemu-devel@nongnu.org; Thu, 20 Nov 2014 03:24:40 -0500 Message-ID: <546DA53E.7010106@redhat.com> Date: Thu, 20 Nov 2014 16:24:30 +0800 From: Jason Wang MIME-Version: 1.0 References: <1416463034-8264-1-git-send-email-arei.gonglei@huawei.com> <1416463034-8264-5-git-send-email-arei.gonglei@huawei.com> <546D8A48.8040502@redhat.com> <546D905A.5020306@redhat.com> <546D9449.5020107@huawei.com> <546D9D50.4000500@redhat.com> <546DA0B5.3020705@huawei.com> <546DA23A.9040807@redhat.com> <546DA3DF.5080809@huawei.com> In-Reply-To: <546DA3DF.5080809@huawei.com> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Subject: Re: [Qemu-devel] [PATCH 4/4] rtl8139: fix Pointer to local outside scope List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Gonglei Cc: Paolo Bonzini , "qemu-devel@nongnu.org" , "stefanha@redhat.com" , "Huangpeng (Peter)" On 11/20/2014 04:18 PM, Gonglei wrote: > On 2014/11/20 16:11, Jason Wang wrote: > >> On 11/20/2014 04:05 PM, Gonglei wrote: >>> On 2014/11/20 15:50, Jason Wang wrote: >>> >>>>>> Maybe just initialize iov unconditionally at the beginning and check >>>>>>>> dot1q_buf instead of iov for the rest of the functions. (Need deal with >>>>>>>> size < ETHER_ADDR_LEN * 2) >>>>>> More complicated, because we can't initialize iov when >>>>>> "size < ETHER_ADDR_LEN * 2". >>>>>> >>>>>> Best regards, >>>>>> -Gonglei >>>>>> >>>> Probably not: you can just do something like: >>>> >>>> if (dot1q_buf && size < ETHER_ADDR_LEN * 2) { >>>> dot1q_buf = NULL; >>>> } >>>> >>>> and check dot1q_buf afterwards. Or just drop the packet since its size >>>> was less than mininum frame length that Ethernet allows. >>> Sorry, I don't understand. But, >>> what's your meaning "initialize iov unconditionally at the beginning"? >> Something like: >> >> @@ -1774,7 +1774,12 @@ static uint32_t >> rtl8139_RxConfig_read(RTL8139State *s) >> static void rtl8139_transfer_frame(RTL8139State *s, uint8_t *buf, int size, >> int do_interrupt, const uint8_t *dot1q_buf) >> { >> - struct iovec *iov = NULL; >> + struct iovec iov[3] = { >> + { .iov_base = buf, .iov_len = ETHER_ADDR_LEN * 2 }, >> + { .iov_base = (void *) dot1q_buf, .iov_len = VLAN_HLEN }, >> + { .iov_base = buf + ETHER_ADDR_LEN * 2, >> + .iov_len = size - ETHER_ADDR_LEN * 2 }, >> + }; >> >> and assign dot1q_buf to NULL is size is not ok. >> > If "size < ETHER_ADDR_LEN * 2", .iov_len = size - ETHER_ADDR_LEN * 2 will be > negative value; > and if dot1q_buf is NULL, .iov_base = (void *) dot1q_buf will be NULL too. Any side-effect? Then you need check dot1q_buf instead of iov after. Iov won't be used if dot1q_buf is NULL. > >> Just a suggestion, your call. > Thanks, Jason :) > > Best regards, > -Gonglei >