diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2018-06-08 10:26:16 +0100 |
|---|---|---|
| committer | Peter Maydell <peter.maydell@linaro.org> | 2018-06-08 10:26:16 +0100 |
| commit | bac5ba3dc5da706f52c149fa6c0bd1dc96899bec (patch) | |
| tree | 791b3a42ac44e8cb87ecff103288b9bb61a55f70 | |
| parent | a674da0ab7eae704c3f91749114ec6ca00c663d7 (diff) | |
| parent | c22098c74a09164797fae6511c5eaf68f32c4dd8 (diff) | |
Merge remote-tracking branch 'remotes/thibault/tags/samuel-thibault' into staging
slirp updates
Prasad J Pandit (2):
slirp: Fix buffer overflow on packet reassembling
Samuel Thibault (3):
slirp: Add Samuel Thibault's staging tree for slirp
slirp: fix domainname version availability
# gpg: Signature made Fri 08 Jun 2018 07:12:24 BST
# gpg: using RSA key 996849C1CF560478
# gpg: Good signature from "Samuel Thibault <samuel.thibault@aquilenet.fr>"
# gpg: aka "Samuel Thibault <sthibault@debian.org>"
# gpg: aka "Samuel Thibault <samuel.thibault@gnu.org>"
# gpg: aka "Samuel Thibault <samuel.thibault@inria.fr>"
# gpg: aka "Samuel Thibault <samuel.thibault@labri.fr>"
# gpg: aka "Samuel Thibault <samuel.thibault@ens-lyon.org>"
# gpg: aka "Samuel Thibault <samuel.thibault@u-bordeaux.fr>"
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg: It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 900C B024 B679 31D4 0F82 304B D017 8C76 7D06 9EE6
# Subkey fingerprint: 3A3A 5D46 4660 E867 610C A427 9968 49C1 CF56 0478
* remotes/thibault/tags/samuel-thibault:
slirp: reformat m_inc routine
slirp: correct size computation while concatenating mbuf
slirp: fix domainname version availability
slirp: Add Samuel Thibault's staging tree for slirp
slirp: Fix spurious error report when sending directly
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
| -rw-r--r-- | MAINTAINERS | 1 | ||||
| -rw-r--r-- | qapi/net.json | 2 | ||||
| -rw-r--r-- | slirp/mbuf.c | 39 | ||||
| -rw-r--r-- | slirp/mbuf.h | 8 | ||||
| -rw-r--r-- | slirp/socket.c | 14 |
5 files changed, 30 insertions, 34 deletions
diff --git a/MAINTAINERS b/MAINTAINERS index 41cd3736a9..4c73c16fee 100644 --- a/MAINTAINERS +++ b/MAINTAINERS @@ -1675,6 +1675,7 @@ S: Maintained F: slirp/ F: net/slirp.c F: include/net/slirp.h +T: git https://people.debian.org/~sthibault/qemu.git slirp T: git git://git.kiszka.org/qemu.git queues/slirp Stubs diff --git a/qapi/net.json b/qapi/net.json index 32681a1af7..6b7d93cb59 100644 --- a/qapi/net.json +++ b/qapi/net.json @@ -161,7 +161,7 @@ # to the guest # # @domainname: guest-visible domain name of the virtual nameserver -# (since 2.12) +# (since 3.0) # # @ipv6-prefix: IPv6 network prefix (default is fec0::) (since # 2.6). The network prefix is given in the usual diff --git a/slirp/mbuf.c b/slirp/mbuf.c index 5ff24559fd..0c189e1a7b 100644 --- a/slirp/mbuf.c +++ b/slirp/mbuf.c @@ -138,7 +138,7 @@ m_cat(struct mbuf *m, struct mbuf *n) * If there's no room, realloc */ if (M_FREEROOM(m) < n->m_len) - m_inc(m,m->m_size+MINCSIZE); + m_inc(m, m->m_len + n->m_len); memcpy(m->m_data+m->m_len, n->m_data, n->m_len); m->m_len += n->m_len; @@ -147,32 +147,29 @@ m_cat(struct mbuf *m, struct mbuf *n) } -/* make m size bytes large */ +/* make m 'size' bytes large from m_data */ void m_inc(struct mbuf *m, int size) { - int datasize; + int datasize; - /* some compiles throw up on gotos. This one we can fake. */ - if(m->m_size>size) return; - - if (m->m_flags & M_EXT) { - datasize = m->m_data - m->m_ext; - m->m_ext = g_realloc(m->m_ext, size); - m->m_data = m->m_ext + datasize; - } else { - char *dat; - datasize = m->m_data - m->m_dat; - dat = g_malloc(size); - memcpy(dat, m->m_dat, m->m_size); - - m->m_ext = dat; - m->m_data = m->m_ext + datasize; - m->m_flags |= M_EXT; - } + /* some compilers throw up on gotos. This one we can fake. */ + if (m->m_size > size) { + return; + } - m->m_size = size; + if (m->m_flags & M_EXT) { + datasize = m->m_data - m->m_ext; + m->m_ext = g_realloc(m->m_ext, size + datasize); + } else { + datasize = m->m_data - m->m_dat; + m->m_ext = g_malloc(size + datasize); + memcpy(m->m_ext, m->m_dat, m->m_size); + m->m_flags |= M_EXT; + } + m->m_data = m->m_ext + datasize; + m->m_size = size + datasize; } diff --git a/slirp/mbuf.h b/slirp/mbuf.h index 893601ff9d..33b84485d6 100644 --- a/slirp/mbuf.h +++ b/slirp/mbuf.h @@ -33,8 +33,6 @@ #ifndef MBUF_H #define MBUF_H -#define MINCSIZE 4096 /* Amount to increase mbuf if too small */ - /* * Macros for type conversion * mtod(m,t) - convert mbuf pointer to data pointer of correct type @@ -72,11 +70,11 @@ struct mbuf { struct mbuf *m_prevpkt; /* Flags aren't used in the output queue */ int m_flags; /* Misc flags */ - int m_size; /* Size of data */ + int m_size; /* Size of mbuf, from m_dat or m_ext */ struct socket *m_so; - caddr_t m_data; /* Location of data */ - int m_len; /* Amount of data in this mbuf */ + caddr_t m_data; /* Current location of data */ + int m_len; /* Amount of data in this mbuf, from m_data */ Slirp *slirp; bool resolution_requested; diff --git a/slirp/socket.c b/slirp/socket.c index e2a71c9b04..08fe98907d 100644 --- a/slirp/socket.c +++ b/slirp/socket.c @@ -340,7 +340,7 @@ sosendoob(struct socket *so) struct sbuf *sb = &so->so_rcv; char buff[2048]; /* XXX Shouldn't be sending more oob data than this */ - int n, len; + int n; DEBUG_CALL("sosendoob"); DEBUG_ARG("so = %p", so); @@ -359,7 +359,7 @@ sosendoob(struct socket *so) * send it all */ uint32_t urgc = so->so_urgc; - len = (sb->sb_data + sb->sb_datalen) - sb->sb_rptr; + int len = (sb->sb_data + sb->sb_datalen) - sb->sb_rptr; if (len > urgc) { len = urgc; } @@ -374,13 +374,13 @@ sosendoob(struct socket *so) len += n; } n = slirp_send(so, buff, len, (MSG_OOB)); /* |MSG_DONTWAIT)); */ - } - #ifdef DEBUG - if (n != len) { - DEBUG_ERROR((dfd, "Didn't send all data urgently XXXXX\n")); - } + if (n != len) { + DEBUG_ERROR((dfd, "Didn't send all data urgently XXXXX\n")); + } #endif + } + if (n < 0) { return n; } |