[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for 2.10 15/35] usb: correctly handle Zero Lengt
From: |
Gerd Hoffmann |
Subject: |
Re: [Qemu-devel] [PATCH for 2.10 15/35] usb: correctly handle Zero Length Packets |
Date: |
Wed, 30 May 2018 08:16:33 +0200 |
User-agent: |
NeoMutt/20180512 |
On Tue, May 29, 2018 at 11:22:46AM -0300, Philippe Mathieu-Daudé wrote:
> On 07/24/2017 03:27 PM, Philippe Mathieu-Daudé wrote:
> > USB Specification Revision 2.0, §5.5.3:
> > The Data stage of a control transfer from an endpoint to the host is
> > complete when the endpoint does one of the following:
> > • Has transferred exactly the amount of data specified during the Setup
> > stage
> > • Transfers a packet with a payload size less than wMaxPacketSize or
> > transfers a zero-length packet"
> >
> > hw/usb/redirect.c:802:9: warning: Declared variable-length array (VLA) has
> > zero size
> > uint8_t buf[size];
> > ^~~~~~~~~~~ ~~~~
> >
> > Reported-by: Clang Static Analyzer
> > Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
> > ---
> > hw/usb/redirect.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
> > index 5e42730449..5b7073d2cd 100644
> > --- a/hw/usb/redirect.c
> > +++ b/hw/usb/redirect.c
> > @@ -795,7 +795,7 @@ static void usbredir_handle_bulk_data(USBRedirDevice
> > *dev, USBPacket *p,
> > usbredirparser_peer_has_cap(dev->parser,
> > usb_redir_cap_32bits_bulk_length));
> >
> > - if (ep & USB_DIR_IN) {
> > + if (ep & USB_DIR_IN || size == 0) {
> > usbredirparser_send_bulk_packet(dev->parser, p->id,
> > &bulk_packet, NULL, 0);
> > } else {
> >
>
> Ping?
Whoops, pretty old one. Don't have this in my qemu-devel archive any
more. Can you rebase + resend?
thanks,
Gerd