* [Qemu-devel] [PULL 0/2] usb: redirect bugfix, MAINTAINERS update.
@ 2016-02-29 11:10 Gerd Hoffmann
2016-02-29 11:11 ` [Qemu-devel] [PULL 1/2] MAINTAINERS: Add some missing entries for USB related files Gerd Hoffmann
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Gerd Hoffmann @ 2016-02-29 11:10 UTC (permalink / raw)
To: qemu-devel; +Cc: Gerd Hoffmann
Hi,
Here is the usb patch queue with a bugfix and a MAINTAINERS update.
please pull,
Gerd
The following changes since commit 6e378dd214fbbae8138ff011ec3de7ddf13a445f:
Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160226' into staging (2016-02-26 16:02:00 +0000)
are available in the git repository at:
git://git.kraxel.org/qemu tags/pull-usb-20160229-1
for you to fetch changes up to e8ce12d9eaeedeb7f8d9debcd4c9b993903f1abb:
usb-redirect: Avoid double free of data (2016-02-29 11:45:26 +0100)
----------------------------------------------------------------
usb: redirect bugfix, MAINTAINERS update.
----------------------------------------------------------------
Fam Zheng (1):
usb-redirect: Avoid double free of data
Thomas Huth (1):
MAINTAINERS: Add some missing entries for USB related files
MAINTAINERS | 4 ++++
hw/usb/redirect.c | 11 ++++++++---
2 files changed, 12 insertions(+), 3 deletions(-)
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Qemu-devel] [PULL 1/2] MAINTAINERS: Add some missing entries for USB related files
2016-02-29 11:10 [Qemu-devel] [PULL 0/2] usb: redirect bugfix, MAINTAINERS update Gerd Hoffmann
@ 2016-02-29 11:11 ` Gerd Hoffmann
2016-02-29 11:11 ` [Qemu-devel] [PULL 2/2] usb-redirect: Avoid double free of data Gerd Hoffmann
2016-02-29 13:05 ` [Qemu-devel] [PULL 0/2] usb: redirect bugfix, MAINTAINERS update Peter Maydell
2 siblings, 0 replies; 4+ messages in thread
From: Gerd Hoffmann @ 2016-02-29 11:11 UTC (permalink / raw)
To: qemu-devel; +Cc: Thomas Huth, Gerd Hoffmann
From: Thomas Huth <thuth@redhat.com>
USB-related docs and include files should go into the USB
section of the MAINTAINERS file.
Signed-off-by: Thomas Huth <thuth@redhat.com>
Message-id: 1456392967-20274-2-git-send-email-thuth@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
MAINTAINERS | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/MAINTAINERS b/MAINTAINERS
index caa5260..423cfb3 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -857,6 +857,10 @@ M: Gerd Hoffmann <kraxel@redhat.com>
S: Maintained
F: hw/usb/*
F: tests/usb-*-test.c
+F: docs/usb2.txt
+F: docs/usb-storage.txt
+F: include/hw/usb.h
+F: include/hw/usb/
USB (serial adapter)
M: Gerd Hoffmann <kraxel@redhat.com>
--
1.8.3.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [Qemu-devel] [PULL 2/2] usb-redirect: Avoid double free of data
2016-02-29 11:10 [Qemu-devel] [PULL 0/2] usb: redirect bugfix, MAINTAINERS update Gerd Hoffmann
2016-02-29 11:11 ` [Qemu-devel] [PULL 1/2] MAINTAINERS: Add some missing entries for USB related files Gerd Hoffmann
@ 2016-02-29 11:11 ` Gerd Hoffmann
2016-02-29 13:05 ` [Qemu-devel] [PULL 0/2] usb: redirect bugfix, MAINTAINERS update Peter Maydell
2 siblings, 0 replies; 4+ messages in thread
From: Gerd Hoffmann @ 2016-02-29 11:11 UTC (permalink / raw)
To: qemu-devel; +Cc: Fam Zheng, Gerd Hoffmann
From: Fam Zheng <famz@redhat.com>
If dropping packets, data is freed, the caller's loop should not continue.
Reported by ccc-analyzer.
Signed-off-by: Fam Zheng <famz@redhat.com>
Message-id: 1456301288-1592-1-git-send-email-famz@redhat.com
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
---
hw/usb/redirect.c | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
index d0f7cb8..38a5393 100644
--- a/hw/usb/redirect.c
+++ b/hw/usb/redirect.c
@@ -447,7 +447,7 @@ static USBPacket *usbredir_find_packet_by_id(USBRedirDevice *dev,
return p;
}
-static void bufp_alloc(USBRedirDevice *dev, uint8_t *data, uint16_t len,
+static int bufp_alloc(USBRedirDevice *dev, uint8_t *data, uint16_t len,
uint8_t status, uint8_t ep, void *free_on_destroy)
{
struct buf_packet *bufp;
@@ -464,7 +464,7 @@ static void bufp_alloc(USBRedirDevice *dev, uint8_t *data, uint16_t len,
if (dev->endpoint[EP2I(ep)].bufpq_size >
dev->endpoint[EP2I(ep)].bufpq_target_size) {
free(data);
- return;
+ return -1;
}
dev->endpoint[EP2I(ep)].bufpq_dropping_packets = 0;
}
@@ -477,6 +477,7 @@ static void bufp_alloc(USBRedirDevice *dev, uint8_t *data, uint16_t len,
bufp->free_on_destroy = free_on_destroy;
QTAILQ_INSERT_TAIL(&dev->endpoint[EP2I(ep)].bufpq, bufp, next);
dev->endpoint[EP2I(ep)].bufpq_size++;
+ return 0;
}
static void bufp_free(USBRedirDevice *dev, struct buf_packet *bufp,
@@ -2082,13 +2083,17 @@ static void usbredir_buffered_bulk_packet(void *priv, uint64_t id,
status = usb_redir_success;
free_on_destroy = NULL;
for (i = 0; i < data_len; i += len) {
+ int r;
if (len >= (data_len - i)) {
len = data_len - i;
status = buffered_bulk_packet->status;
free_on_destroy = data;
}
/* bufp_alloc also adds the packet to the ep queue */
- bufp_alloc(dev, data + i, len, status, ep, free_on_destroy);
+ r = bufp_alloc(dev, data + i, len, status, ep, free_on_destroy);
+ if (r) {
+ break;
+ }
}
if (dev->endpoint[EP2I(ep)].pending_async_packet) {
--
1.8.3.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Qemu-devel] [PULL 0/2] usb: redirect bugfix, MAINTAINERS update.
2016-02-29 11:10 [Qemu-devel] [PULL 0/2] usb: redirect bugfix, MAINTAINERS update Gerd Hoffmann
2016-02-29 11:11 ` [Qemu-devel] [PULL 1/2] MAINTAINERS: Add some missing entries for USB related files Gerd Hoffmann
2016-02-29 11:11 ` [Qemu-devel] [PULL 2/2] usb-redirect: Avoid double free of data Gerd Hoffmann
@ 2016-02-29 13:05 ` Peter Maydell
2 siblings, 0 replies; 4+ messages in thread
From: Peter Maydell @ 2016-02-29 13:05 UTC (permalink / raw)
To: Gerd Hoffmann; +Cc: QEMU Developers
On 29 February 2016 at 11:10, Gerd Hoffmann <kraxel@redhat.com> wrote:
> Hi,
>
> Here is the usb patch queue with a bugfix and a MAINTAINERS update.
>
> please pull,
> Gerd
>
> The following changes since commit 6e378dd214fbbae8138ff011ec3de7ddf13a445f:
>
> Merge remote-tracking branch 'remotes/pmaydell/tags/pull-target-arm-20160226' into staging (2016-02-26 16:02:00 +0000)
>
> are available in the git repository at:
>
>
> git://git.kraxel.org/qemu tags/pull-usb-20160229-1
>
> for you to fetch changes up to e8ce12d9eaeedeb7f8d9debcd4c9b993903f1abb:
>
> usb-redirect: Avoid double free of data (2016-02-29 11:45:26 +0100)
>
> ----------------------------------------------------------------
> usb: redirect bugfix, MAINTAINERS update.
>
> ----------------------------------------------------------------
Applied, thanks.
-- PMM
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-02-29 13:05 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-02-29 11:10 [Qemu-devel] [PULL 0/2] usb: redirect bugfix, MAINTAINERS update Gerd Hoffmann
2016-02-29 11:11 ` [Qemu-devel] [PULL 1/2] MAINTAINERS: Add some missing entries for USB related files Gerd Hoffmann
2016-02-29 11:11 ` [Qemu-devel] [PULL 2/2] usb-redirect: Avoid double free of data Gerd Hoffmann
2016-02-29 13:05 ` [Qemu-devel] [PULL 0/2] usb: redirect bugfix, MAINTAINERS update Peter Maydell
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.