[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 17/17] hw/arm/omap_gpmc: Avoid buffer overrun filling
From: |
Peter Maydell |
Subject: |
[Qemu-devel] [PULL 17/17] hw/arm/omap_gpmc: Avoid buffer overrun filling prefetch FIFO |
Date: |
Tue, 13 May 2014 16:31:39 +0100 |
In fill_prefetch_fifo(), if the device we are reading from is 16 bit,
then we must not try to transfer an odd number of bytes into the FIFO.
This could otherwise have resulted in our overrunning the prefetch.fifo
array by one byte.
Signed-off-by: Peter Maydell <address@hidden>
Reviewed-by: Peter Crosthwaite <address@hidden>
---
hw/misc/omap_gpmc.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/hw/misc/omap_gpmc.c b/hw/misc/omap_gpmc.c
index 2047274..cddea24 100644
--- a/hw/misc/omap_gpmc.c
+++ b/hw/misc/omap_gpmc.c
@@ -242,6 +242,10 @@ static void fill_prefetch_fifo(struct omap_gpmc_s *s)
if (bytes > s->prefetch.count) {
bytes = s->prefetch.count;
}
+ if (is16bit) {
+ bytes &= ~1;
+ }
+
s->prefetch.count -= bytes;
s->prefetch.fifopointer += bytes;
fptr = 64 - s->prefetch.fifopointer;
--
1.9.2
- [Qemu-devel] [PULL 00/17] target-arm queue, Peter Maydell, 2014/05/13
- [Qemu-devel] [PULL 17/17] hw/arm/omap_gpmc: Avoid buffer overrun filling prefetch FIFO,
Peter Maydell <=
- [Qemu-devel] [PULL 12/17] hw/net/cadence_gem: Remove dead code, Peter Maydell, 2014/05/13
- [Qemu-devel] [PULL 09/17] hw/net/stellaris_enet: Convert to vmstate, Peter Maydell, 2014/05/13
- [Qemu-devel] [PULL 15/17] hw/timer/exynos4210_mct: Avoid overflow in exynos4210_ltick_recalc_count, Peter Maydell, 2014/05/13
- [Qemu-devel] [PULL 03/17] hw/net/stellaris_enet: Restructure tx_fifo code to avoid buffer overrun, Peter Maydell, 2014/05/13
- [Qemu-devel] [PULL 14/17] hw/dma/omap_dma: Add (uint32_t) casts when shifting uint16_t by 16, Peter Maydell, 2014/05/13
- [Qemu-devel] [PULL 16/17] hw/arm/stellaris: Correct handling of GPTM TAR register, Peter Maydell, 2014/05/13
- [Qemu-devel] [PULL 10/17] target-arm/helper.c: Don't flush the TLB if SCTLR is rewritten unchanged, Peter Maydell, 2014/05/13
- [Qemu-devel] [PULL 13/17] hw/arm/omap1: Avoid unintended sign extension writing omap_rtc YEARS_REG, Peter Maydell, 2014/05/13
- [Qemu-devel] [PULL 11/17] hw/intc/allwinner-a10-pic: Add missing 'break', Peter Maydell, 2014/05/13
- [Qemu-devel] [PULL 06/17] hw/net/stellaris_enet: Correctly implement the TR and THR registers, Peter Maydell, 2014/05/13