Commit 4508d81a authored by Blue Swirl's avatar Blue Swirl
Browse files

ppc405_uc: fix a buffer overflow



Fix a buffer overflow, reported by cppcheck:
[/src/qemu/hw/ppc405_uc.c:72]: (error) Buffer access out-of-bounds: bd.bi_s_version

The use of field bi_s_version seems to be a typo, it should be
bi_r_version.

Signed-off-by: default avatarBlue Swirl <blauwirbel@gmail.com>
parent c46a3ea0
...@@ -68,8 +68,9 @@ ram_addr_t ppc405_set_bootinfo (CPUState *env, ppc4xx_bd_info_t *bd, ...@@ -68,8 +68,9 @@ ram_addr_t ppc405_set_bootinfo (CPUState *env, ppc4xx_bd_info_t *bd,
stl_phys(bdloc + 0x34, bd->bi_baudrate); stl_phys(bdloc + 0x34, bd->bi_baudrate);
for (i = 0; i < 4; i++) for (i = 0; i < 4; i++)
stb_phys(bdloc + 0x38 + i, bd->bi_s_version[i]); stb_phys(bdloc + 0x38 + i, bd->bi_s_version[i]);
for (i = 0; i < 32; i++) for (i = 0; i < 32; i++) {
stb_phys(bdloc + 0x3C + i, bd->bi_s_version[i]); stb_phys(bdloc + 0x3C + i, bd->bi_r_version[i]);
}
stl_phys(bdloc + 0x5C, bd->bi_plb_busfreq); stl_phys(bdloc + 0x5C, bd->bi_plb_busfreq);
stl_phys(bdloc + 0x60, bd->bi_pci_busfreq); stl_phys(bdloc + 0x60, bd->bi_pci_busfreq);
for (i = 0; i < 6; i++) for (i = 0; i < 6; i++)
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment