Message ID | 20170724182751.18261-16-f4bug@amsat.org |
---|---|
State | New |
Headers | show |
On 07/24/2017 03:27 PM, Philippe Mathieu-Daudé wrote: > USB Specification Revision 2.0, §5.5.3: > The Data stage of a control transfer from an endpoint to the host is complete when the endpoint does one of the following: > • Has transferred exactly the amount of data specified during the Setup stage > • Transfers a packet with a payload size less than wMaxPacketSize or transfers a zero-length packet" > > hw/usb/redirect.c:802:9: warning: Declared variable-length array (VLA) has zero size > uint8_t buf[size]; > ^~~~~~~~~~~ ~~~~ > > Reported-by: Clang Static Analyzer > Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> > --- > hw/usb/redirect.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c > index 5e42730449..5b7073d2cd 100644 > --- a/hw/usb/redirect.c > +++ b/hw/usb/redirect.c > @@ -795,7 +795,7 @@ static void usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p, > usbredirparser_peer_has_cap(dev->parser, > usb_redir_cap_32bits_bulk_length)); > > - if (ep & USB_DIR_IN) { > + if (ep & USB_DIR_IN || size == 0) { > usbredirparser_send_bulk_packet(dev->parser, p->id, > &bulk_packet, NULL, 0); > } else { > Ping?
On Tue, May 29, 2018 at 11:22:46AM -0300, Philippe Mathieu-Daudé wrote: > On 07/24/2017 03:27 PM, Philippe Mathieu-Daudé wrote: > > USB Specification Revision 2.0, §5.5.3: > > The Data stage of a control transfer from an endpoint to the host is complete when the endpoint does one of the following: > > • Has transferred exactly the amount of data specified during the Setup stage > > • Transfers a packet with a payload size less than wMaxPacketSize or transfers a zero-length packet" > > > > hw/usb/redirect.c:802:9: warning: Declared variable-length array (VLA) has zero size > > uint8_t buf[size]; > > ^~~~~~~~~~~ ~~~~ > > > > Reported-by: Clang Static Analyzer > > Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> > > --- > > hw/usb/redirect.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c > > index 5e42730449..5b7073d2cd 100644 > > --- a/hw/usb/redirect.c > > +++ b/hw/usb/redirect.c > > @@ -795,7 +795,7 @@ static void usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p, > > usbredirparser_peer_has_cap(dev->parser, > > usb_redir_cap_32bits_bulk_length)); > > > > - if (ep & USB_DIR_IN) { > > + if (ep & USB_DIR_IN || size == 0) { > > usbredirparser_send_bulk_packet(dev->parser, p->id, > > &bulk_packet, NULL, 0); > > } else { > > > > Ping? Whoops, pretty old one. Don't have this in my qemu-devel archive any more. Can you rebase + resend? thanks, Gerd
diff --git a/hw/usb/redirect.c b/hw/usb/redirect.c index 5e42730449..5b7073d2cd 100644 --- a/hw/usb/redirect.c +++ b/hw/usb/redirect.c @@ -795,7 +795,7 @@ static void usbredir_handle_bulk_data(USBRedirDevice *dev, USBPacket *p, usbredirparser_peer_has_cap(dev->parser, usb_redir_cap_32bits_bulk_length)); - if (ep & USB_DIR_IN) { + if (ep & USB_DIR_IN || size == 0) { usbredirparser_send_bulk_packet(dev->parser, p->id, &bulk_packet, NULL, 0); } else {
USB Specification Revision 2.0, §5.5.3: The Data stage of a control transfer from an endpoint to the host is complete when the endpoint does one of the following: • Has transferred exactly the amount of data specified during the Setup stage • Transfers a packet with a payload size less than wMaxPacketSize or transfers a zero-length packet" hw/usb/redirect.c:802:9: warning: Declared variable-length array (VLA) has zero size uint8_t buf[size]; ^~~~~~~~~~~ ~~~~ Reported-by: Clang Static Analyzer Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org> --- hw/usb/redirect.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)