| Message ID | 1470137878-29405-1-git-send-email-ppandit@redhat.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On 2016年08月02日 19:37, P J P wrote: > From: Prasad J Pandit <pjp@fedoraproject.org> > > VMware VMXNET* NIC emulator supports packet fragmentation. > While fragmenting a packet, it checks for more fragments based > on packet length and current fragment length. It is susceptible > to an infinite loop, if the current fragment length is zero. > Add check to avoid it. > > Reported-by: Li Qiang <liqiang6-s@360.cn> > Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org> > --- > hw/net/vmxnet_tx_pkt.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/hw/net/vmxnet_tx_pkt.c b/hw/net/vmxnet_tx_pkt.c > index 91e1e08..f4d0f5f 100644 > --- a/hw/net/vmxnet_tx_pkt.c > +++ b/hw/net/vmxnet_tx_pkt.c > @@ -544,7 +544,7 @@ static bool vmxnet_tx_pkt_do_sw_fragmentation(struct VmxnetTxPkt *pkt, > > fragment_offset += fragment_len; > > - } while (more_frags); > + } while (fragment_len && more_frags); > > return true; > } The patch doesn't apply cleanly on HEAD, we now move this logic to hw/net/net_tx_pkt.c. Please resend on top of HEAD and cc Dmitry Fleytman <dmitry@daynix.com>. Thanks
Hello Jason, +-- On Thu, 4 Aug 2016, Jason Wang wrote --+ | The patch doesn't apply cleanly on HEAD, we now move this logic to | hw/net/net_tx_pkt.c. Please resend on top of HEAD and cc Dmitry Fleytman | <dmitry@daynix.com>. I see, that explains why it did not show-up in search. I've sent a revised patch v2. Nevertheless, the patch here would apply to Qemu versions <= 2.6.0. Thank you. -- Prasad J Pandit / Red Hat Product Security Team 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F
On 2016年08月04日 15:35, P J P wrote: > Hello Jason, > > +-- On Thu, 4 Aug 2016, Jason Wang wrote --+ > | The patch doesn't apply cleanly on HEAD, we now move this logic to > | hw/net/net_tx_pkt.c. Please resend on top of HEAD and cc Dmitry Fleytman > | <dmitry@daynix.com>. > > I see, that explains why it did not show-up in search. I've sent a revised > patch v2. Nevertheless, the patch here would apply to Qemu versions <= 2.6.0. > > Thank you. > -- > Prasad J Pandit / Red Hat Product Security Team > 47AF CE69 3A90 54AA 9045 1053 DD13 3D32 FE5B 041F Yes, I will cc stable this time. Please do it next time if you want the fix for stable too. Thanks
diff --git a/hw/net/vmxnet_tx_pkt.c b/hw/net/vmxnet_tx_pkt.c index 91e1e08..f4d0f5f 100644 --- a/hw/net/vmxnet_tx_pkt.c +++ b/hw/net/vmxnet_tx_pkt.c @@ -544,7 +544,7 @@ static bool vmxnet_tx_pkt_do_sw_fragmentation(struct VmxnetTxPkt *pkt, fragment_offset += fragment_len; - } while (more_frags); + } while (fragment_len && more_frags); return true; }