[Stable-7.2.11 13/41] Avoid unaligned fetch in ladr_match()
From: Michael Tokarev
Subject: [Stable-7.2.11 13/41] Avoid unaligned fetch in ladr_match()
Date: Wed, 10 Apr 2024 08:43:34 +0300
From: Nick Briggs <nicholas.h.briggs@gmail.com>
There is no guarantee that the PCNetState is allocated such that
csr[8] is allocated on an 8-byte boundary. Since not all hosts are
capable of unaligned fetches the 16-bit elements need to be fetched
individually to avoid a potential fault. Closes issue #2143
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2143
Signed-off-by: Nick Briggs <nicholas.h.briggs@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
(cherry picked from commit 6a5287ce80470bb8df95901d73ee779a64e70c3a)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c
index 56c3d14ad6..05ce8310ef 100644
--- a/hw/net/pcnet.c
+++ b/hw/net/pcnet.c
@@ -632,7 +632,7 @@ static inline int ladr_match(PCNetState *s, const uint8_t
*buf, int size)
{
struct qemu_ether_header *hdr = (void *)buf;
if ((*(hdr->ether_dhost)&0x01) &&
- ((uint64_t *)&s->csr[8])[0] != 0LL) {
+ (s->csr[8] | s->csr[9] | s->csr[10] | s->csr[11]) != 0) {
uint8_t ladr[8] = {
s->csr[8] & 0xff, s->csr[8] >> 8,
s->csr[9] & 0xff, s->csr[9] >> 8,
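Review bot: the new condition on the `+` line, `(s->csr[8] | s->csr[9] | s->csr[10] | s->csr[11]) != 0`, carries no comment saying why the four registers are read one at a time, so a later cleanup could fold it back into a single 64-bit load through a cast. A one-line comment above the condition, noting that csr[] elements are 16-bit and that csr[8] is not guaranteed to sit on an 8-byte boundary, would keep the reason next to the code. The same four registers are unpacked into ladr[] immediately below, so one comment can cover both uses.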
--
2.39.2
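The alignment hazard described in the commit message, as an added example that is not part of the patch or of QEMU. `struct demo_state` and the helper names are hypothetical, and the layout is constructed so that `csr[8]` falls 2 bytes past a multiple of 8; the `memcpy` variant is a second portable form shown for comparison, not what the patch uses.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a device state struct (not QEMU's PCNetState).
 * The 2-byte field ahead of csr[] is constructed so that csr[8] sits
 * 2 bytes past a multiple of 8 from the start of the struct. */
struct demo_state {
    uint64_t other;
    uint16_t pad;
    uint16_t csr[128];
};

/* Byte offset of csr[8] modulo 8. Nonzero means that reading it through
 * a (uint64_t *) cast is a misaligned 64-bit load. */
static size_t csr8_misalignment(void)
{
    return (offsetof(struct demo_state, csr) + 8 * sizeof(uint16_t)) % 8;
}

/* Element-wise test: four naturally aligned 16-bit loads. */
static int ladr_nonzero_elementwise(const struct demo_state *s)
{
    return (s->csr[8] | s->csr[9] | s->csr[10] | s->csr[11]) != 0;
}

/* Alternative: copy the 8 bytes into an aligned local before testing.
 * memcpy has no alignment requirement on its source. */
static int ladr_nonzero_memcpy(const struct demo_state *s)
{
    uint64_t v;
    memcpy(&v, &s->csr[8], sizeof(v));
    return v != 0;
}

int main(void)
{
    struct demo_state s;
    memset(&s, 0, sizeof(s));
    printf("csr[8] offset mod 8: %zu\n", csr8_misalignment());
    printf("all zero:      %d %d\n",
           ladr_nonzero_elementwise(&s), ladr_nonzero_memcpy(&s));
    s.csr[11] = 0x8000; /* constructed sample value: top bit of the last word */
    printf("csr[11] set:   %d %d\n",
           ladr_nonzero_elementwise(&s), ladr_nonzero_memcpy(&s));
    return 0;
}
```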