[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH] hw/arm_timer.c: Fix bounds check for Integrator tim
From: |
Peter Maydell |
Subject: |
[Qemu-devel] [PATCH] hw/arm_timer.c: Fix bounds check for Integrator timer accesses |
Date: |
Fri, 11 Nov 2011 13:30:15 +0000 |
There are only three counter/timers on the integrator board:
correct the bounds check to avoid an array overrun. (Spotted
by Coverity, see bug 887883).
Signed-off-by: Peter Maydell <address@hidden>
---
hw/arm_timer.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/arm_timer.c b/hw/arm_timer.c
index 09a4b24..66db81d 100644
--- a/hw/arm_timer.c
+++ b/hw/arm_timer.c
@@ -269,7 +269,7 @@ static uint64_t icp_pit_read(void *opaque,
target_phys_addr_t offset,
/* ??? Don't know the PrimeCell ID for this device. */
n = offset >> 8;
- if (n > 3) {
+ if (n > 2) {
hw_error("sp804_read: Bad timer %d\n", n);
}
@@ -283,7 +283,7 @@ static void icp_pit_write(void *opaque, target_phys_addr_t
offset,
int n;
n = offset >> 8;
- if (n > 3) {
+ if (n > 2) {
hw_error("sp804_write: Bad timer %d\n", n);
}
--
1.7.1
- [Qemu-devel] [PATCH] hw/arm_timer.c: Fix bounds check for Integrator timer accesses,
Peter Maydell <=