-
由 Jason Wang 提交于
The tx buffer would be re-allocated for tx descriptor with big size and without LS bit set, this would make guest driver could easily let qemu to allocate unlimited. In linux host, a glib failure were easy to be triggered: GLib-ERROR **: gmem.c:176: failed to allocate 18446744071562067968 bytes This patch fix this by adding a limit. As the spec didn't tell the maximum size of buffer allowed, stick it to current CP_TX_BUFFER_SIZE (65536). Changes from V1: Drop the while statement and s->cplus_txbuffer check. Signed-off-by: NJason Wang <jasowang@redhat.com> Reviewed-by: NStefan Hajnoczi <stefanha@linux.vnet.ibm.com> Signed-off-by: NMichael S. Tsirkin <mst@redhat.com>
cde31a0e