From: Jean-Christophe Dubois <jcd@tribudubois.net>
To: qemu-devel@nongnu.org, peter.maydell@linaro.org
Cc: Jean-Christophe Dubois <jcd@tribudubois.net>
Subject: [Qemu-devel] [PATCH] [M25P80] Make sure not to overrun the internal data buffer.
Date: Sat, 24 Dec 2016 16:11:13 +0100
Message-ID: <20161224151113.23955-1-jcd@tribudubois.net>

It did happen that the internal data buffer was overrun, leading to a QEMU
crash (in particular while emulating the i.MX6 sabrelite board).

This patch makes sure the data array is not overrun and allows the
sabrelite emulation to run without crashing.

Signed-off-by: Jean-Christophe Dubois <jcd@tribudubois.net>
---
 hw/block/m25p80.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/block/m25p80.c b/hw/block/m25p80.c
index d29ff4c..a1c4e5d 100644
--- a/hw/block/m25p80.c
+++ b/hw/block/m25p80.c
@@ -1117,7 +1117,7 @@ static uint32_t m25p80_transfer8(SSISlave *ss, uint32_t tx)
         s->data[s->len] = (uint8_t)tx;
         s->len++;
 
-        if (s->len == s->needed_bytes) {
+        if ((s->len >= s->needed_bytes) || (s->len >= sizeof(s->data))) {
             complete_collecting_data(s);
         }
         break;
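Review bot: the new limit on s->len is tested only after the store "s->data[s->len] = (uint8_t)tx;" in the context lines above, so the write itself is still unguarded. It stays in bounds only if complete_collecting_data() always leaves the state such that the next byte cannot land at index sizeof(s->data), and nothing in this hunk shows that. Checking s->len < sizeof(s->data) before the store would make the guarantee local to this function. Separately, changing "==" to ">=" and completing early when the buffer fills hides whatever produced a needed_bytes larger than sizeof(s->data); a short comment or a guest-error log on that path would record why collection is being cut short and make the underlying command-decoding problem easier to find.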
-- 
2.9.3
