Re: [Qemu-devel] [PATCH] net: mipsnet: check transmit buffer size before sending

2016-06-13 Thread Jason Wang
On 2016-06-13 16:35, Aurelien Jarno wrote: On 2016-06-02 10:28, Peter Maydell wrote: On 2 June 2016 at 07:44, P J P wrote: From: Prasad J Pandit When processing MIPSnet I/O port write operation, it uses a transmit buffer tx_buffer[MAX_ETH_FRAME_SIZE=1514]. Two indices 's->tx_written' and

Re: [Qemu-devel] [PATCH] net: mipsnet: check transmit buffer size before sending

2016-06-13 Thread Aurelien Jarno
On 2016-06-02 10:28, Peter Maydell wrote: > On 2 June 2016 at 07:44, P J P wrote: > > From: Prasad J Pandit > > > > When processing MIPSnet I/O port write operation, it uses a > > transmit buffer tx_buffer[MAX_ETH_FRAME_SIZE=1514]. Two indices > > 's->tx_written' and 's->tx_count' are used to con

Re: [Qemu-devel] [PATCH] net: mipsnet: check transmit buffer size before sending

2016-06-08 Thread P J P
Hello Jason, +-- On Wed, 8 Jun 2016, Jason Wang wrote --+ | We need to fix this issue, but instead of changing the behavior, is it | better to add a check in MIPSNET_TX_DATA_BUFFER? Yes, the patch has that too. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54

Re: [Qemu-devel] [PATCH] net: mipsnet: check transmit buffer size before sending

2016-06-07 Thread Jason Wang
On 2016-06-07 13:02, P J P wrote: +-- On Fri, 3 Jun 2016, P J P wrote --+ | +-- On Thu, 2 Jun 2016, Peter Maydell wrote --+ | | > case MIPSNET_TX_DATA_COUNT: | | > - s->tx_count = (val <= MAX_ETH_FRAME_SIZE) ? val : 0; | | > +s->tx_count = (val < MAX_ETH_FRAME_SIZE) ? val :

Re: [Qemu-devel] [PATCH] net: mipsnet: check transmit buffer size before sending

2016-06-06 Thread P J P
+-- On Fri, 3 Jun 2016, P J P wrote --+ | +-- On Thu, 2 Jun 2016, Peter Maydell wrote --+ | | > case MIPSNET_TX_DATA_COUNT: | | > - s->tx_count = (val <= MAX_ETH_FRAME_SIZE) ? val : 0; | | > +s->tx_count = (val < MAX_ETH_FRAME_SIZE) ? val : MAX_ETH_FRAME_SIZE; | | > s->

Re: [Qemu-devel] [PATCH] net: mipsnet: check transmit buffer size before sending

2016-06-02 Thread P J P
+-- On Thu, 2 Jun 2016, Peter Maydell wrote --+ | > case MIPSNET_TX_DATA_COUNT: | > - s->tx_count = (val <= MAX_ETH_FRAME_SIZE) ? val : 0; | > +s->tx_count = (val < MAX_ETH_FRAME_SIZE) ? val : MAX_ETH_FRAME_SIZE; | > s->tx_written = 0; | | This is a behaviour change --
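Review bot: in the MIPSNET_TX_DATA_COUNT case, the switch from `<=` to `<` has no effect on the stored value, because val == MAX_ETH_FRAME_SIZE now takes the clamp branch and still yields MAX_ETH_FRAME_SIZE. The only effective change on this line is that an oversize val now sets tx_count to MAX_ETH_FRAME_SIZE where it previously reset it to 0, which is guest-visible. If the out-of-bounds write is already prevented by the bounds check in MIPSNET_TX_DATA_BUFFER that the thread mentions, consider leaving this line as it was, or state in the commit message why an oversize count should be clamped rather than rejected.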

Re: [Qemu-devel] [PATCH] net: mipsnet: check transmit buffer size before sending

2016-06-02 Thread Peter Maydell
On 2 June 2016 at 07:44, P J P wrote: > From: Prasad J Pandit > > When processing MIPSnet I/O port write operation, it uses a > transmit buffer tx_buffer[MAX_ETH_FRAME_SIZE=1514]. Two indices > 's->tx_written' and 's->tx_count' are used to control data written > to this buffer. If the two were to

[Qemu-devel] [PATCH] net: mipsnet: check transmit buffer size before sending

2016-06-01 Thread P J P
From: Prasad J Pandit When processing MIPSnet I/O port write operation, it uses a transmit buffer tx_buffer[MAX_ETH_FRAME_SIZE=1514]. Two indices 's->tx_written' and 's->tx_count' are used to control data written to this buffer. If the two were to be equal before writing, it'd lead to an OOB writ