From 671ac0de22689db93afb37dce54837641f353f46 Mon Sep 17 00:00:00 2001
From: "kfraser@localhost.localdomain" <kfraser@localhost.localdomain>
Date: Thu, 30 Nov 2006 17:33:11 +0000
Subject: [PATCH] [QEMU] usb-uhci: Data buffer is too small

The data buffer is only 1280 bytes long but the user-supplied length
can be as large as 0x7ff.  This patch extends the buffer to 2048
bytes.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 tools/ioemu/hw/usb-uhci.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/ioemu/hw/usb-uhci.c b/tools/ioemu/hw/usb-uhci.c
index c6394cdda3..4b8db28717 100644
--- a/tools/ioemu/hw/usb-uhci.c
+++ b/tools/ioemu/hw/usb-uhci.c
@@ -421,7 +421,7 @@ static int uhci_broadcast_packet(UHCIState *s, uint8_t pid,
 static int uhci_handle_td(UHCIState *s, UHCI_TD *td, int *int_mask)
 {
     uint8_t pid;
-    uint8_t buf[1280];
+    uint8_t buf[2048];
     int len, max_len, err, ret;
 
     if (td->ctrl & TD_CTRL_IOC) {
-- 
2.30.2