On 2020/3/27 上午5:11, Peter Maydell wrote:
On Tue, 17 Mar 2020 at 06:13, Jason Wang <jasow...@redhat.com> wrote:
On 2020/3/13 上午4:16, Peter Maydell wrote:
The i82596_receive() function attempts to pass the guest a buffer
which is effectively the concatenation of the data it is passed and a
4 byte CRC value. However, rather than implementing this as "write
the data; then write the CRC" it instead bumps the length value of
the data by 4, and writes 4 extra bytes from beyond the end of the
buffer, which it then overwrites with the CRC. It also assumed that
we could always fit all four bytes of the CRC into the final receive
buffer, which might not be true if the CRC needs to be split over two
receive buffers.
Applied.
Hi Jason -- this doesn't seem to have reached master yet.
Has it gotten lost somewhere along the line?
thanks
-- PMM
Nope, it's in my queue.
I will send a pull request shortly.
Thanks
