* [Qemu-devel] [PATCH] hw/net/e1000: fix integer endianness
@ 2015-03-13 5:21 Shannon Zhao
2015-03-13 12:51 ` Paolo Bonzini
2015-03-17 17:05 ` Stefan Hajnoczi
0 siblings, 2 replies; 4+ messages in thread
From: Shannon Zhao @ 2015-03-13 5:21 UTC (permalink / raw)
To: qemu-devel
Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, peter.huangpeng,
shannon.zhao, pbonzini
It's detected by coverity.In is_vlan_packet s->mac_reg[VET] is
unsigned int but is dereferenced as a narrower unsigned short.
This may lead to unexpected results depending on machine
endianness.
Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
---
hw/net/e1000.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/net/e1000.c b/hw/net/e1000.c
index a207e21..59d73cd 100644
--- a/hw/net/e1000.c
+++ b/hw/net/e1000.c
@@ -578,7 +578,7 @@ static inline int
is_vlan_packet(E1000State *s, const uint8_t *buf)
{
return (be16_to_cpup((uint16_t *)(buf + 12)) ==
- le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
+ le16_to_cpu(s->mac_reg[VET]));
}
static inline int
@@ -711,7 +711,7 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
(tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
tp->vlan_needed = 1;
stw_be_p(tp->vlan_header,
- le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
+ le16_to_cpu(s->mac_reg[VET]));
stw_be_p(tp->vlan_header + 2,
le16_to_cpu(dp->upper.fields.special));
}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PATCH] hw/net/e1000: fix integer endianness
2015-03-13 5:21 [Qemu-devel] [PATCH] hw/net/e1000: fix integer endianness Shannon Zhao
@ 2015-03-13 12:51 ` Paolo Bonzini
2015-03-17 17:05 ` Stefan Hajnoczi
1 sibling, 0 replies; 4+ messages in thread
From: Paolo Bonzini @ 2015-03-13 12:51 UTC (permalink / raw)
To: Shannon Zhao, qemu-devel
Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, peter.huangpeng,
shannon.zhao, Stefan Hajnoczi
On 13/03/2015 06:21, Shannon Zhao wrote:
> It's detected by coverity.In is_vlan_packet s->mac_reg[VET] is
> unsigned int but is dereferenced as a narrower unsigned short.
> This may lead to unexpected results depending on machine
> endianness.
Sounds good. CCing Stefan, net/ maintainer.
> Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
> ---
> hw/net/e1000.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/hw/net/e1000.c b/hw/net/e1000.c
> index a207e21..59d73cd 100644
> --- a/hw/net/e1000.c
> +++ b/hw/net/e1000.c
> @@ -578,7 +578,7 @@ static inline int
> is_vlan_packet(E1000State *s, const uint8_t *buf)
> {
> return (be16_to_cpup((uint16_t *)(buf + 12)) ==
> - le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
> + le16_to_cpu(s->mac_reg[VET]));
> }
>
> static inline int
> @@ -711,7 +711,7 @@ process_tx_desc(E1000State *s, struct e1000_tx_desc *dp)
> (tp->cptse || txd_lower & E1000_TXD_CMD_EOP)) {
> tp->vlan_needed = 1;
> stw_be_p(tp->vlan_header,
> - le16_to_cpup((uint16_t *)(s->mac_reg + VET)));
> + le16_to_cpu(s->mac_reg[VET]));
> stw_be_p(tp->vlan_header + 2,
> le16_to_cpu(dp->upper.fields.special));
> }
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PATCH] hw/net/e1000: fix integer endianness
2015-03-13 5:21 [Qemu-devel] [PATCH] hw/net/e1000: fix integer endianness Shannon Zhao
2015-03-13 12:51 ` Paolo Bonzini
@ 2015-03-17 17:05 ` Stefan Hajnoczi
2015-03-18 1:28 ` Shannon Zhao
1 sibling, 1 reply; 4+ messages in thread
From: Stefan Hajnoczi @ 2015-03-17 17:05 UTC (permalink / raw)
To: Shannon Zhao
Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, qemu-devel,
peter.huangpeng, shannon.zhao, pbonzini
[-- Attachment #1: Type: text/plain, Size: 567 bytes --]
On Fri, Mar 13, 2015 at 01:21:59PM +0800, Shannon Zhao wrote:
> It's detected by coverity.In is_vlan_packet s->mac_reg[VET] is
> unsigned int but is dereferenced as a narrower unsigned short.
> This may lead to unexpected results depending on machine
> endianness.
>
> Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
> ---
> hw/net/e1000.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
Thanks, applied to my net tree:
https://github.com/stefanha/qemu/commits/net
Stefan
[-- Attachment #2: Type: application/pgp-signature, Size: 473 bytes --]
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PATCH] hw/net/e1000: fix integer endianness
2015-03-17 17:05 ` Stefan Hajnoczi
@ 2015-03-18 1:28 ` Shannon Zhao
0 siblings, 0 replies; 4+ messages in thread
From: Shannon Zhao @ 2015-03-18 1:28 UTC (permalink / raw)
To: Stefan Hajnoczi
Cc: peter.maydell, hangaohuai, qemu-trivial, mjt, qemu-devel,
peter.huangpeng, shannon.zhao, pbonzini
On 2015/3/18 1:05, Stefan Hajnoczi wrote:
> On Fri, Mar 13, 2015 at 01:21:59PM +0800, Shannon Zhao wrote:
>> It's detected by coverity.In is_vlan_packet s->mac_reg[VET] is
>> unsigned int but is dereferenced as a narrower unsigned short.
>> This may lead to unexpected results depending on machine
>> endianness.
>>
>> Signed-off-by: Shannon Zhao <zhaoshenglong@huawei.com>
>> Signed-off-by: Shannon Zhao <shannon.zhao@linaro.org>
>> ---
>> hw/net/e1000.c | 4 ++--
>> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> Thanks, applied to my net tree:
> https://github.com/stefanha/qemu/commits/net
>
Thanks :-)
Shannon
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-03-18 1:29 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-03-13 5:21 [Qemu-devel] [PATCH] hw/net/e1000: fix integer endianness Shannon Zhao
2015-03-13 12:51 ` Paolo Bonzini
2015-03-17 17:05 ` Stefan Hajnoczi
2015-03-18 1:28 ` Shannon Zhao
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.