Re: [Qemu-devel] [PATCH] target-cris: Fix buffer overflow
From: Edgar E. Iglesias
Subject: Re: [Qemu-devel] [PATCH] target-cris: Fix buffer overflow
Date: Fri, 7 Sep 2012 10:47:48 +0200
User-agent: Mutt/1.5.21 (2010-09-15)
On Tue, Sep 04, 2012 at 07:45:52AM +0200, Stefan Weil wrote:
> Report from smatch:
>
> target-cris/translate.c:3464 cpu_dump_state(32) error:
> buffer overflow 'env->sregs' 4 <= 255
>
> sregs is declared 'uint32_t sregs[4][16]', so the first index must be
> less than 4.
Hi Stefan,
I think it would be better to use ARRAY_SIZE(env->sregs) instead of 4.
The cris arch allows up to 256 sregs, but we only implement 4
at the moment. There are other uses of hardcoded 4 in the code
that could be fixed as well if you have time.
Thanks,
Edgar
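The point of the thread is that the loop bound in cpu_dump_state must come from the array declaration, not from a hard-coded constant (the architectural maximum of 256, or the literal 4 the patch proposes). The following is an added example, not QEMU code: it models a CPU state with the same `uint32_t sregs[4][16]` layout as target-cris and shows the ARRAY_SIZE-bounded iteration Edgar suggests next to a count of how far the hard-coded 256 bound walks outside the array. The struct name, the function names and the sample register values are assumptions made for this illustration.

```c
/* Added example (not QEMU code): bounding a loop over a fixed-size 2-D
 * array with ARRAY_SIZE instead of a hard-coded constant. The struct,
 * function names and sample values below are constructed for illustration;
 * only the `sregs[4][16]` layout comes from the thread. */
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Same idea as QEMU's ARRAY_SIZE: element count derived from the type. */
#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))

/* Hypothetical CPU state with the sregs layout quoted in the thread. */
typedef struct {
    uint32_t sregs[4][16];
} cpu_state_t;

/* The bound the smatch report points at: the architectural maximum of
 * 256 sregs, of which only 4 banks are implemented. */
#define CRIS_ARCH_MAX_SREG_BANKS 256

/* True if (bank, reg) indexes inside sregs. The limits are taken from
 * the declaration, so they follow any change to the array size. */
bool sreg_index_ok(size_t bank, size_t reg)
{
    cpu_state_t env;   /* only used inside sizeof, never evaluated */
    return bank < ARRAY_SIZE(env.sregs) && reg < ARRAY_SIZE(env.sregs[0]);
}

/* Number of sregs a dump should visit: 4 * 16 = 64 for this layout. */
size_t sreg_count(void)
{
    cpu_state_t env;
    return ARRAY_SIZE(env.sregs) * ARRAY_SIZE(env.sregs[0]);
}

/* Stand-in for the dump loop in cpu_dump_state, bounded by ARRAY_SIZE on
 * both dimensions; returns the sum of all sregs so the walk is checkable. */
uint64_t sreg_sum(const cpu_state_t *env)
{
    uint64_t sum = 0;
    for (size_t bank = 0; bank < ARRAY_SIZE(env->sregs); bank++) {
        for (size_t reg = 0; reg < ARRAY_SIZE(env->sregs[bank]); reg++) {
            sum += env->sregs[bank][reg];
        }
    }
    return sum;
}

/* Constructed sample: sregs[bank][reg] = bank * 16 + reg, so the sum over
 * all 64 registers is 0 + 1 + ... + 63 = 2016. */
uint64_t sample_state_sum(void)
{
    cpu_state_t env;
    for (size_t bank = 0; bank < ARRAY_SIZE(env.sregs); bank++) {
        for (size_t reg = 0; reg < ARRAY_SIZE(env.sregs[bank]); reg++) {
            env.sregs[bank][reg] = (uint32_t)(bank * 16 + reg);
        }
    }
    return sreg_sum(&env);
}

/* How many (bank, reg) pairs the hard-coded 256 bound would touch that
 * lie outside the array: (256 - 4) * 16 = 4032 out-of-bounds reads. */
size_t out_of_bounds_with_hardcoded_bound(void)
{
    size_t bad = 0;
    for (size_t bank = 0; bank < CRIS_ARCH_MAX_SREG_BANKS; bank++) {
        for (size_t reg = 0; reg < 16; reg++) {
            if (!sreg_index_ok(bank, reg)) {
                bad++;
            }
        }
    }
    return bad;
}

int main(void)
{
    printf("implemented sregs: %zu\n", sreg_count());
    printf("sum over sample state: %llu\n",
           (unsigned long long)sample_state_sum());
    printf("out-of-bounds accesses with bound 256: %zu\n",
           out_of_bounds_with_hardcoded_bound());
    printf("index (4, 0) in bounds: %s\n", sreg_index_ok(4, 0) ? "yes" : "no");
    return 0;
}
```

The ARRAY_SIZE form also fixes the second hard-coded dimension: `sregs[bank][16]` would break silently if the inner size changed, whereas `ARRAY_SIZE(env->sregs[bank])` does not. Note that ARRAY_SIZE only works on a true array; applied to a pointer it silently yields a wrong count, so it must be used on the field itself, as above, not on a pointer passed into a helper.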