[Qemu-devel] [PATCH V3 for 3.1 0/4] Fix possible OOB during queuing packets

Jason Wang posted 4 patches 6 years, 11 months ago
Test asan passed
Test checkpatch passed
Test docker-quick@centos7 passed
Test docker-mingw@fedora passed
Test docker-clang@ubuntu passed
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20181203093544.6184-1-jasowang@redhat.com
There is a newer version of this series
[Qemu-devel] [PATCH V3 for 3.1 0/4] Fix possible OOB during queuing packets
Posted by Jason Wang 6 years, 11 months ago
Hi:

This series tries to fix a possible OOB during queueing packets
through qemu_net_queue_append_iov(). This could happen when it tries
to queue a packet whose size is larger than INT_MAX which may lead
to integer overflow. We've fixed a similar issue in the past during
qemu_net_queue_deliver_iov() by ignoring large packets there. Let's
just move the check earlier to qemu_sendv_packet_async() and reduce
the limitation to NET_BUFSIZE. A simple qtest was also added for this.

Please review.

Thanks

Changes from V1:
- silence compiling warnings
Changes from V2:
- don't use variable length argument

Jason Wang (4):
  net: drop too large packet early
  virtio-net-test: accept command line string instead of socket
  virtio-net-test: remove unused macro
  virtio-net-test: add large tx buffer test

 net/net.c               | 13 ++++-----
 tests/virtio-net-test.c | 60 ++++++++++++++++++++++++++++++++++++-----
 2 files changed, 60 insertions(+), 13 deletions(-)

-- 
2.17.1
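
The size problem the cover letter describes, as an added example (not code from this series or from QEMU): a packet's total length is summed over its iovec segments, narrowed into an `int`, and then compared against an early size limit. `EXAMPLE_NET_BUFSIZE`, its value, and all function names here are assumptions made for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/uio.h>

/* Stand-in for the NET_BUFSIZE limit named in the cover letter; the value
 * here is an assumption made for this example. */
#define EXAMPLE_NET_BUFSIZE (4096 + 65536)

/* Sum the segment lengths in size_t, saturating so the sum cannot wrap. */
static size_t iov_total(const struct iovec *iov, int iovcnt)
{
    size_t total = 0;
    for (int i = 0; i < iovcnt; i++) {
        if (iov[i].iov_len > SIZE_MAX - total) {
            return SIZE_MAX;
        }
        total += iov[i].iov_len;
    }
    return total;
}

/* The hazard: a total above INT_MAX narrowed into an int size field
 * (implementation-defined conversion; negative on gcc and clang). */
static int narrowed_size(size_t total)
{
    return (int)(unsigned int)total;
}

/* The early check: 1 = may be queued, 0 = drop before any queueing code. */
static int packet_may_be_queued(const struct iovec *iov, int iovcnt)
{
    return iov_total(iov, iovcnt) <= EXAMPLE_NET_BUFSIZE;
}

/* Constructed input: two segments whose lengths add up to INT_MAX + 1.
 * iov_base stays NULL because only the lengths are inspected. */
static const struct iovec oversized[2] = {
    { .iov_base = NULL, .iov_len = (size_t)INT_MAX / 2 + 1 },
    { .iov_base = NULL, .iov_len = (size_t)INT_MAX / 2 + 1 },
};

int main(void)
{
    size_t total = iov_total(oversized, 2);
    printf("total=%zu as_int=%d queue=%d\n", total, narrowed_size(total),
           packet_may_be_queued(oversized, 2));
    return 0;
}
```

With the bound applied before anything is queued, later code that copies or allocates by packet size never sees a length that has gone negative.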


Re: [Qemu-devel] [PATCH V3 for 3.1 0/4] Fix possible OOB during queuing packets
Posted by Jason Wang 6 years, 11 months ago
On 2018/12/3 5:35 PM, Jason Wang wrote:
> Hi:
>
> This series tries to fix a possible OOB during queueing packets
> through qemu_net_queue_append_iov(). This could happen when it tries
> to queue a packet whose size is larger than INT_MAX which may lead
> to integer overflow. We've fixed a similar issue in the past during
> qemu_net_queue_deliver_iov() by ignoring large packets there. Let's
> just move the check earlier to qemu_sendv_packet_async() and reduce
> the limitation to NET_BUFSIZE. A simple qtest was also added for this.
>
> Please review.
>
> Thanks


Wrong version, please ignore this.

Thanks