[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PULL 23/25] sd: Fix out-of-bounds assertions
From: |
Paolo Bonzini |
Subject: |
[Qemu-devel] [PULL 23/25] sd: Fix out-of-bounds assertions |
Date: |
Fri, 21 Jun 2019 13:30:18 +0200 |
From: Lidong Chen <address@hidden>
Due to an off-by-one error, the assert statements allow an
out-of-bound array access. This doesn't happen in practice,
but the static analyzer notices.
Signed-off-by: Lidong Chen <address@hidden>
Reviewed-by: Liam Merwick <address@hidden>
Reviewed-by: Marc-André Lureau <address@hidden>
Reviewed-by: Philippe Mathieu-Daudé <address@hidden>
Reviewed-by: Li Qiang <address@hidden>
Reviewed-by: Darren Kenny <address@hidden>
Message-Id: <address@hidden>
Signed-off-by: Paolo Bonzini <address@hidden>
---
hw/sd/sd.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index 60500ec..917195a6 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -145,7 +145,7 @@ static const char *sd_state_name(enum SDCardStates state)
if (state == sd_inactive_state) {
return "inactive";
}
- assert(state <= ARRAY_SIZE(state_name));
+ assert(state < ARRAY_SIZE(state_name));
return state_name[state];
}
@@ -166,7 +166,7 @@ static const char *sd_response_name(sd_rsp_type_t rsp)
if (rsp == sd_r1b) {
rsp = sd_r1;
}
- assert(rsp <= ARRAY_SIZE(response_name));
+ assert(rsp < ARRAY_SIZE(response_name));
return response_name[rsp];
}
--
1.8.3.1
- [Qemu-devel] [PULL 19/25] vmstate: Add support for kernel integer types, (continued)
- [Qemu-devel] [PULL 19/25] vmstate: Add support for kernel integer types, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 09/25] i386/kvm: hv-tlbflush/ipi require hv-vpindex, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 07/25] i386/kvm: implement 'hv-passthrough' mode, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 08/25] i386/kvm: hv-stimer requires hv-time and hv-synic, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 11/25] i386/kvm: add support for Direct Mode for Hyper-V synthetic timers, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 12/25] target/i386: define a new MSR based feature word - FEAT_CORE_CAPABILITY, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 13/25] target/i386: kvm: Delete VMX migration blocker on vCPU init failure, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 17/25] target/i386: kvm: Block migration for vCPUs exposed with nested virtualization, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 18/25] linux-headers: sync with latest KVM headers from Linux 5.2, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 21/25] target/i386: kvm: Add support for KVM_CAP_EXCEPTION_PAYLOAD, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 23/25] sd: Fix out-of-bounds assertions,
Paolo Bonzini <=
- [Qemu-devel] [PULL 24/25] util/main-loop: Fix incorrect assertion, Paolo Bonzini, 2019/06/21
- [Qemu-devel] [PULL 20/25] target/i386: kvm: Add support for save and restore nested state, Paolo Bonzini, 2019/06/21
- Re: [Qemu-devel] [PULL 20/25] target/i386: kvm: Add support for save and restore nested state, Liran Alon, 2019/06/21
- Re: [Qemu-devel] [PULL 20/25] target/i386: kvm: Add support for save and restore nested state, Paolo Bonzini, 2019/06/21
- Re: [Qemu-devel] [PULL 20/25] target/i386: kvm: Add support for save and restore nested state, Liran Alon, 2019/06/21
- Re: [Qemu-devel] [PULL 20/25] target/i386: kvm: Add support for save and restore nested state, Paolo Bonzini, 2019/06/21
- Re: [Qemu-devel] [PULL 20/25] target/i386: kvm: Add support for save and restore nested state, Liran Alon, 2019/06/21
- Re: [Qemu-devel] [PULL 20/25] target/i386: kvm: Add support for save and restore nested state, Paolo Bonzini, 2019/06/21
- Re: [Qemu-devel] [PULL 20/25] target/i386: kvm: Add support for save and restore nested state, Liran Alon, 2019/06/21
- Re: [Qemu-devel] [PULL 20/25] target/i386: kvm: Add support for save and restore nested state, Liran Alon, 2019/06/21