projects / xen.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: c669da8)
[QEMU] usb-uhci: Data buffer is too small
authorkfraser@localhost.localdomain <kfraser@localhost.localdomain>
Thu, 30 Nov 2006 17:33:11 +0000 (17:33 +0000)
committerkfraser@localhost.localdomain <kfraser@localhost.localdomain>
Thu, 30 Nov 2006 17:33:11 +0000 (17:33 +0000)
The data buffer is only 1280 bytes long but the user-supplied length
can be as large as 0x7ff.  This patch extends the buffer to 2048
bytes.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
tools/ioemu/hw/usb-uhci.c patch | blob | history

diff --git a/tools/ioemu/hw/usb-uhci.c b/tools/ioemu/hw/usb-uhci.c
index c6394cdda312af3a437d98cc50525563320e8360..4b8db28717cae41da2894ccfc6282355c36d2cdc 100644 (file)
--- a/tools/ioemu/hw/usb-uhci.c
+++ b/tools/ioemu/hw/usb-uhci.c
@@ -421,7 +421,7 @@ static int uhci_broadcast_packet(UHCIState *s, uint8_t pid,
 static int uhci_handle_td(UHCIState *s, UHCI_TD *td, int *int_mask)
 {
     uint8_t pid;
-    uint8_t buf[1280];
+    uint8_t buf[2048];
     int len, max_len, err, ret;
 
     if (td->ctrl & TD_CTRL_IOC) {
Unnamed repository; edit this file 'description' to name the repository.