On Thu, Nov 30, 2006 at 04:41:41PM +1100, Herbert Xu wrote:
> Hi:
> 
> [QEMU] usb-uhci: Data buffer is too small
> 
> The data buffer is only 1280 bytes long but the user-supplied length
> can be as large as 0x7ff.  This patch extends the buffer to 2048
> bytes.
> 

This patch does not apply to the current CVS, as the variable buf has
been moved into a structure. If the problem is still there, I guess the
patch below should be applied instead.

Index: hw/usb-uhci.c
===================================================================
RCS file: /sources/qemu/qemu/hw/usb-uhci.c,v
retrieving revision 1.12
diff -u -d -p -r1.12 usb-uhci.c
--- hw/usb-uhci.c       12 Aug 2006 01:04:27 -0000      1.12
+++ hw/usb-uhci.c       17 Jan 2007 10:06:16 -0000
@@ -87,7 +87,7 @@ typedef struct UHCIState {
        is to allow multiple pending requests.  */
     uint32_t async_qh;
     USBPacket usb_packet;
-    uint8_t usb_buf[1280];
+    uint8_t usb_buf[2048];
 } UHCIState;
 
 typedef struct UHCI_TD {
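Review bot: the new size of usb_buf in UHCIState is a bare 2048, and nothing in this hunk ties it to the 0x7ff maximum length cited in the quoted description. A named constant derived from that maximum (0x7ff + 1) would let the array declaration and the code that copies into usb_buf share one definition. The hunk also only enlarges the buffer: no length check against sizeof(usb_buf) is visible here, so it is worth confirming that the copy site rejects or clamps a guest-supplied length before writing. Otherwise the fix depends on the two values staying in sync by hand.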


-- 
  .''`.  Aurelien Jarno             | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   [EMAIL PROTECTED]         | [EMAIL PROTECTED]
   `-    people.debian.org/~aurel32 | www.aurel32.net

