[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-trivial] [PATCH for 2.10 15/35] usb: correctly handle Zero Len
From: |
Philippe Mathieu-Daudé |
Subject: |
Re: [Qemu-trivial] [PATCH for 2.10 15/35] usb: correctly handle Zero Length Packets |
Date: |
Tue, 29 May 2018 11:22:46 -0300 |
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 |
On 07/24/2017 03:27 PM, Philippe Mathieu-Daudé wrote:
> USB Specification Revision 2.0, §5.5.3:
> The Data stage of a control transfer from an endpoint to the host is
> complete when the endpoint does one of the following:
> • Has transferred exactly the amount of data specified during the Setup
> stage
> • Transfers a packet with a payload size less than wMaxPacketSize or
> transfers a zero-length packet"
>
> hw/usb/redirect.c:802:9: warning: Declared variable-length array (VLA) has
> zero size
> uint8_t buf[size];
> ^~~~~~~~~~~ ~~~~
>
> Reported-by: Clang Static Analyzer
> Signed-off-by: Philippe Mathieu-Daudé <address@hidden>
> ---
> hw/usb/redirect.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c
> index 5e42730449..5b7073d2cd 100644
> --- a/hw/usb/redirect.c
> +++ b/hw/usb/redirect.c
> @@ -795,7 +795,7 @@ static void usbredir_handle_bulk_data(USBRedirDevice
> *dev, USBPacket *p,
> usbredirparser_peer_has_cap(dev->parser,
> usb_redir_cap_32bits_bulk_length));
>
> - if (ep & USB_DIR_IN) {
> + if (ep & USB_DIR_IN || size == 0) {
> usbredirparser_send_bulk_packet(dev->parser, p->id,
> &bulk_packet, NULL, 0);
> } else {
>
Ping?
- Re: [Qemu-trivial] [PATCH for 2.10 15/35] usb: correctly handle Zero Length Packets,
Philippe Mathieu-Daudé <=