fridtjof/qemu-cr16
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
qemu-cr16/hw/net
History
Peter Maydell bab496a183 hw/net/e1000e_core: Adjust e1000e_write_payload_frag_to_rx_buffers() assert 
An assertion in e1000e_write_payload_frag_to_rx_buffers() attempts to
guard against the calling code accidentally trying to write too much
data to a single RX descriptor, such that the E1000EBAState::cur_idx
indexes off the end of the EB1000BAState::written[] array.

Unfortunately it is overzealous: it asserts that cur_idx is in
range after it has been incremented. This will fire incorrectly
for the case where the guest configures four buffers and exactly
enough bytes are written to fill all four of them.

The only places where we use cur_idx and index in to the written[]
array are the functions e1000e_write_hdr_frag_to_rx_buffers() and
e1000e_write_payload_frag_to_rx_buffers(), so we can rewrite this to
assert before doing the array dereference, rather than asserting
after updating cur_idx.

Cc: qemu-stable@nongnu.org
Reviewed-by: Akihiko Odaki <odaki@rsg.ci.i.u-tokyo.ac.jp>
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
2025-11-14 09:59:55 +08:00
..
can hw/net/can/xlnx-versal-canfd: remove register API usage for banked regs 2025-10-21 20:16:47 +02:00
fsl_etsec qom: remove redundant typedef when use OBJECT_DECLARE_SIMPLE_TYPE 2025-10-28 08:08:04 +01:00
rocker hw/net/rocker: Don't overflow in of_dpa_mask2prefix() 2025-10-23 14:13:38 +01:00
allwinner-sun8i-emac.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
allwinner_emac.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
cadence_gem.c hw/net/cadence_gem: Add pcs-enabled property 2025-10-24 09:24:08 +10:00
dp8393x.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
e1000.c hw/net/e1000: Remove unused E1000_FLAG_MAC flag 2025-05-30 09:52:08 +02:00
e1000_common.h
e1000_regs.h hw/net: spelling fixes 2023-09-20 07:54:34 +03:00
e1000e.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
e1000e_core.c hw/net/e1000e_core: Adjust e1000e_write_payload_frag_to_rx_buffers() assert 2025-11-14 09:59:55 +08:00
e1000e_core.h e1000e: fix link state on resume 2024-03-12 19:28:32 +08:00
e1000x_common.c
e1000x_common.h
e1000x_regs.h hw/net/e1000: Remove stray empty comment in header 2025-05-09 23:49:26 +03:00
eepro100.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
ftgmac100.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
i82596.c i82596: Adding proper break-statement functionality in RX functions 2025-11-07 11:18:32 +01:00
i82596.h i82596: Added core infrastructure and helper functions 2025-11-04 16:14:51 +01:00
igb.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
igb_common.h igb: Add a VF reset handler 2023-11-13 15:33:37 +08:00
igb_core.c net: bundle all offloads in a single struct 2025-10-04 10:50:36 -04:00
igb_core.h igb: fix link state on resume 2024-03-12 19:28:31 +08:00
igb_regs.h license: Update deprecated SPDX tag GPL-2.0 to GPL-2.0-only 2024-09-20 10:11:59 +03:00
igbvf.c pcie_sriov: Fix broken MMIO accesses from SR-IOV VFs 2025-10-05 09:01:08 -04:00
imx_fec.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
Kconfig hw/net: Remove mipsnet device model 2025-09-02 17:57:05 +02:00
lan9118.c qemu: Declare all load/store helper in 'qemu/bswap.h' 2025-07-15 02:56:39 -04:00
lan9118_phy.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
lance.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
lasi_i82596.c i82596: Added core infrastructure and helper functions 2025-11-04 16:14:51 +01:00
mcf_fec.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
meson.build hw/net: Remove mipsnet device model 2025-09-02 17:57:05 +02:00
msf2-emac.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
mv88w8618_eth.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
ne2000-isa.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
ne2000-pci.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
ne2000.c include/system: Move exec/memory.h to system/memory.h 2025-04-23 14:08:21 -07:00
ne2000.h
net_rx_pkt.c hw/net/net_rx_pkt: Remove deadcode 2024-10-03 17:26:05 +03:00
net_rx_pkt.h hw/net/net_rx_pkt: Remove deadcode 2024-10-03 17:26:05 +03:00
net_tx_pkt.c Revert "hw/net/net_tx_pkt: Fix overrun in update_sctp_checksum()" 2025-03-10 17:07:16 +08:00
net_tx_pkt.h
npcm7xx_emc.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
npcm_gmac.c hw/net/npcm_gmac.c: Drop 'buf' local variable 2025-07-21 10:21:51 +08:00
npcm_pcs.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
opencores_eth.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
pcnet-pci.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
pcnet.c Avoid unaligned fetch in ladr_match() 2024-03-12 19:28:32 +08:00
pcnet.h include/system: Move exec/memory.h to system/memory.h 2025-04-23 14:08:21 -07:00
rtl8139.c qemu: Declare all load/store helper in 'qemu/bswap.h' 2025-07-15 02:56:39 -04:00
smc91c111.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
spapr_llan.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
stellaris_enet.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00
sungem.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
sunhme.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
trace-events i82596: Implement enhanced TX/RX with packet queuing and filtering 2025-11-04 16:14:51 +01:00
trace.h
tulip.c hw/net/tulip: skip automatic zero-init of large array 2025-06-12 13:40:15 -04:00
tulip.h
vhost_net-stub.c vhost-net: implement extended features support 2025-10-04 10:50:37 -04:00
vhost_net.c vhost-net: implement extended features support 2025-10-04 10:50:37 -04:00
virtio-net.c virtio-net: Advertise UDP tunnel GSO support by default 2025-11-09 08:25:08 -05:00
vmware_utils.h
vmxnet3.c net: bundle all offloads in a single struct 2025-10-04 10:50:36 -04:00
vmxnet3.h hw: replace FSF postal address with licenses URL 2025-06-26 00:42:37 +02:00
vmxnet3_defs.h
vmxnet_debug.h
xen_nic.c qom: remove redundant typedef when use OBJECT_DECLARE_SIMPLE_TYPE 2025-10-28 08:08:04 +01:00
xgmac.c hw/net/xgamc: skip automatic zero-init of large array 2025-06-12 13:40:16 -04:00
xilinx_axienet.c qom: Make InterfaceInfo[] uses const 2025-04-25 17:00:41 +02:00
xilinx_ethlite.c qom: Have class_init() take a const data argument 2025-04-25 17:00:41 +02:00