| author | Nick Briggs <nicholas.h.briggs@gmail.com> | 2024-02-01 10:11:17 -0800 |
|---|---|---|
| committer | Jason Wang <jasowang@redhat.com> | 2024-03-12 19:28:32 +0800 |
| commit | 6a5287ce80470bb8df95901d73ee779a64e70c3a (patch) | |
| tree | aba84c2c843f89fce97bdbf8e37fcb803fbb0adf | |
| parent | 4cadf10234989861398e19f3bb441d3861f3bb7c (diff) | |
Avoid unaligned fetch in ladr_match()
There is no guarantee that the PCNetState is allocated such that csr[8] is allocated on an 8-byte boundary. Since not all hosts are capable of unaligned fetches the 16-bit elements need to be fetched individually to avoid a potential fault. Closes issue #2143

Resolves: https://gitlab.com/qemu-project/qemu/-/issues/2143
Signed-off-by: Nick Briggs <nicholas.h.briggs@gmail.com>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Jason Wang <jasowang@redhat.com>
| -rw-r--r-- | hw/net/pcnet.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/hw/net/pcnet.c b/hw/net/pcnet.c index 494eab8479..ad675ab29d 100644 --- a/hw/net/pcnet.c +++ b/hw/net/pcnet.c @@ -632,7 +632,7 @@ static inline int ladr_match(PCNetState *s, const uint8_t *buf, int size) { struct qemu_ether_header *hdr = (void *)buf; if ((*(hdr->ether_dhost)&0x01) && - ((uint64_t *)&s->csr[8])[0] != 0LL) { + (s->csr[8] | s->csr[9] | s->csr[10] | s->csr[11]) != 0) { uint8_t ladr[8] = { s->csr[8] & 0xff, s->csr[8] >> 8, s->csr[9] & 0xff, s->csr[9] >> 8, |
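Review bot: the new condition `(s->csr[8] | s->csr[9] | s->csr[10] | s->csr[11]) != 0` in ladr_match() carries no comment saying why the four elements are tested one by one, so a later cleanup could fold it back into a single wide load. A one-line comment above the `if` noting that csr[8] is not guaranteed to be 8-byte aligned would record the constraint next to the code. The removed `((uint64_t *)&s->csr[8])[0]` also read the 16-bit csr elements through a pointer of a different type, which is a type-aliasing problem in addition to the alignment one the commit message describes; it is worth mentioning there, since that part applies on every host and not only on those that fault on unaligned access. The element-wise form now reads the same four entries that the `ladr[8]` initializer just below unpacks with `& 0xff` and `>> 8`, so the zero test and the filter bytes come from the same accesses.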