Changeset 104337 in vbox for trunk/src

Timestamp:

Apr 17, 2024 11:48:57 AM (13 months ago)

Author:

vboxsync

svn:sync-xref-src-repo-rev:

162819

Message:

VBoxNetFlt: Fixed regression from r162583 where the buffer was overlapping the buffer segment descriptor. bugref:10585

File:

trunk/src/VBox/HostDrivers/VBoxNetFlt/win/drv/VBoxNetFltRt-win.cpp

-              r104159
+              r104337
 DECLHIDDEN(NDIS_STATUS) vboxNetFltWinAllocSG(UINT cbPacket, PINTNETSG *ppSG)
+{
-    NDIS_STATUS Status;
-    PINTNETSG pSG;
     /* allocation:
      * 1. SG_PACKET - with one aSegs pointing to
      * 2. buffer of cbPacket containing the entire packet */
     AssertCompileSizeAlignment(INTNETSG, sizeof(PVOID));
+    Status = vboxNetFltWinMemAlloc((PVOID*)&pSG, cbPacket + RT_UOFFSETOF_DYN(INTNETSG, aSegs[1]));
+    PINTNETSG   pSG    = NULL;
+    UINT const  cbSg   = RT_UOFFSETOF_DYN(INTNETSG, aSegs[1]);
+    NDIS_STATUS Status = vboxNetFltWinMemAlloc((PVOID *)&pSG, cbSg + cbPacket);
     if (Status == NDIS_STATUS_SUCCESS)
+    {
         IntNetSgInitTemp(pSG, pSG + 1, cbPacket);
+        IntNetSgInitTemp(pSG, (uint8_t *)pSG + cbSg, cbPacket);
         LogFlow(("pSG created (%p)\n", pSG));
         *ppSG = pSG;

Note: See TracChangeset for help on using the changeset viewer.