On 7/12/22 13:31, Xiaojuan Yang wrote:
Fix out-of-bounds errors when access excp_names[] array. the valid
boundary size of excp_names should be 0 to ARRAY_SIZE(excp_names)-1.
However, the general code do not consider the max boundary.
Fix coverity CID: 1489758
Signed-off-by: Xiaojuan Yang <yangxiaoj...@loongson.cn>
---
target/loongarch/cpu.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
r~
diff --git a/target/loongarch/cpu.c b/target/loongarch/cpu.c
index 8294b05ee8..8e17b61a85 100644
--- a/target/loongarch/cpu.c
+++ b/target/loongarch/cpu.c
@@ -140,7 +140,7 @@ static void loongarch_cpu_do_interrupt(CPUState *cs)
if (cs->exception_index != EXCCODE_INT) {
if (cs->exception_index < 0 ||
- cs->exception_index > ARRAY_SIZE(excp_names)) {
+ cs->exception_index >= ARRAY_SIZE(excp_names)) {
name = "unknown";
} else {
name = excp_names[cs->exception_index];
@@ -190,8 +190,8 @@ static void loongarch_cpu_do_interrupt(CPUState *cs)
cause = cs->exception_index;
break;
default:
- qemu_log("Error: exception(%d) '%s' has not been supported\n",
- cs->exception_index, excp_names[cs->exception_index]);
+ qemu_log("Error: exception(%d) has not been supported\n",
+ cs->exception_index);
abort();
}
