www.infradead.org Git - users/dwmw2/qemu.git/commit

author	Stefan Weil <sw@weilnetz.de>
	Tue, 4 Sep 2012 17:37:39 +0000 (19:37 +0200)
committer	Michael Roth <mdroth@linux.vnet.ibm.com>
	Tue, 9 Oct 2012 06:58:30 +0000 (01:58 -0500)
commit	b750d224664bd4b726c87117f51f90e47516230f
tree	134139e55cbb6202e2ded90d93618df5c8712d41	tree
parent	bd4dba66584c36e33195e42ed4d503549b17d4d8	commit \| diff

hw/mcf5206: Fix buffer overflow for MBAR read / write

Report from smatch:

mcf5206.c:384 m5206_mbar_readb(7) error: buffer overflow 'm5206_mbar_width' 128 <= 128
mcf5206.c:403 m5206_mbar_readw(8) error: buffer overflow 'm5206_mbar_width' 128 <= 128
mcf5206.c:427 m5206_mbar_readl(8) error: buffer overflow 'm5206_mbar_width' 128 <= 128
mcf5206.c:451 m5206_mbar_writeb(9) error: buffer overflow 'm5206_mbar_width' 128 <= 128
mcf5206.c:475 m5206_mbar_writew(9) error: buffer overflow 'm5206_mbar_width' 128 <= 128
mcf5206.c:503 m5206_mbar_writel(9) error: buffer overflow 'm5206_mbar_width' 128 <= 128

m5206_mbar_width has 0x80 elements and supports 0 <= offset < 0x200.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Aurelien Jarno <aurelien@aurel32.net>
(cherry picked from commit a32354e206895400d17c3de9a8df1de96d3df289)

Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>