qemu-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 02/51] xen-pt: fix Out-of-bounds read


From: Michael Tokarev
Subject: [Qemu-devel] [PATCH 02/51] xen-pt: fix Out-of-bounds read
Date: Fri, 6 Mar 2015 23:18:43 +0300

From: Gonglei <address@hidden>

The array length of s->real_device.io_regions[] is
"PCI_NUM_REGIONS - 1".

Signed-off-by: Gonglei <address@hidden>
Acked-by: Stefano Stabellini <address@hidden>
Signed-off-by: Michael Tokarev <address@hidden>
---
 hw/xen/xen_pt_config_init.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c
index 710fe50..d99c22e 100644
--- a/hw/xen/xen_pt_config_init.c
+++ b/hw/xen/xen_pt_config_init.c
@@ -438,7 +438,7 @@ static int xen_pt_bar_reg_read(XenPCIPassthroughState *s, 
XenPTReg *cfg_entry,
 
     /* get BAR index */
     index = xen_pt_bar_offset_to_index(reg->offset);
-    if (index < 0 || index >= PCI_NUM_REGIONS) {
+    if (index < 0 || index >= PCI_NUM_REGIONS - 1) {
         XEN_PT_ERR(&s->dev, "Internal error: Invalid BAR index [%d].\n", 
index);
         return -1;
     }
-- 
2.1.4




reply via email to

[Prev in Thread] Current Thread [Next in Thread]