qemu-trivial
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Qemu-trivial] [PATCH] vt82c686: avoid out-of-bounds read


From: Paolo Bonzini
Subject: Re: [Qemu-trivial] [PATCH] vt82c686: avoid out-of-bounds read
Date: Thu, 11 Dec 2014 20:05:19 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.3.0


On 11/12/2014 18:55, Michael Tokarev wrote:
>> > superio_ioport_readb can read the 256th element of the array.
> Is there a legitimate reason for it to access byte index 256?

The 256th element is byte index 255. :)

> What is the actual size of superio config memory, 256 or 257?

It's 256 and the array is sized conf[0xff].

> I don't know, but somehow it looks like it should be 256.

That's what the patch does. :)

Paolo



reply via email to

[Prev in Thread] Current Thread [Next in Thread]