I have applied the two security patches mentioned in XSA-41 v2. But
we also need this.
Ian.
commit 2a1354d655d816feaad7dbdb8364f40a208439c1
Author: Ian Jackson <ian.jackson@eu.citrix.com>
Date: Thu Jan 17 15:52:16 2013 +0000
e1000: fix compile warning introduced by security fix, and debugging
e33f918c19e393900b95a2bb6b10668dfe96a8f2, the fix for XSA-41,
and its cherry picks in 4.2 and 4.1 introduced this compiler warning:
hw/e1000.c:641: warning: ''return'' with a value, in
function returning void
In upstream qemu (where this change came from), e1000_receive returns
a value used by queueing machinery to decide whether to try
resubmitting the packet later. Returning "size" means that the
packet
has been dealt with and should not be retried.
In this old branch (aka qemu-xen-traditional), this machinery is
absent and e1000_receive returns void. Fix the return statement.
Also add a debugging statement along the lines of the others in this
function.
Signed-off-by: Ian Jackson <ian.jackson@eu.citrix.com>
diff --git a/hw/e1000.c b/hw/e1000.c
index 67d2651..c75bc5e 100644
--- a/hw/e1000.c
+++ b/hw/e1000.c
@@ -638,7 +638,8 @@ e1000_receive(void *opaque, const uint8_t *buf, int size)
(size > MAXIMUM_ETHERNET_VLAN_SIZE
&& !(s->mac_reg[RCTL] & E1000_RCTL_LPE)))
&& !(s->mac_reg[RCTL] & E1000_RCTL_SBP)) {
- return size;
+ DBGOUT(RX, "packet too large for applicable LPE/VLAN
size\n");
+ return;
}
if (!receive_filter(s, buf, size))