On 31.08.2012, at 22:21, Stefan Weil wrote:
Report from smatch:
ppc405_uc.c:209 dcr_read_pob(12) error: buffer overflow 'pob-besr' 2 = 2
ppc405_uc.c:232 dcr_write_pob(12) error: buffer overflow 'pob-besr' 2 = 2
The old code reads and writes besr[POB0_BESR1 - POB0_BESR0] or besr[2]
which
On 31.08.2012, at 22:45, Markus Armbruster arm...@redhat.com wrote:
Andreas Färber afaer...@suse.de writes:
Am 31.08.2012 22:21, schrieb Stefan Weil:
Report from smatch:
ppc405_uc.c:209 dcr_read_pob(12) error: buffer overflow 'pob-besr' 2 = 2
ppc405_uc.c:232 dcr_write_pob(12) error:
Am 01.09.2012 08:23, schrieb Alexander Graf:
On 31.08.2012, at 22:45, Markus Armbruster arm...@redhat.com wrote:
Andreas Färber afaer...@suse.de writes:
static uint32_t dcr_read_pob (void *opaque, int dcrn)
...
Reviewed-by: Andreas Färber afaer...@suse.de
We could alternatively
Report from smatch:
ppc405_uc.c:209 dcr_read_pob(12) error: buffer overflow 'pob-besr' 2 = 2
ppc405_uc.c:232 dcr_write_pob(12) error: buffer overflow 'pob-besr' 2 = 2
The old code reads and writes besr[POB0_BESR1 - POB0_BESR0] or besr[2]
which is one too much.
Signed-off-by: Stefan Weil
Am 31.08.2012 22:21, schrieb Stefan Weil:
Report from smatch:
ppc405_uc.c:209 dcr_read_pob(12) error: buffer overflow 'pob-besr' 2 = 2
ppc405_uc.c:232 dcr_write_pob(12) error: buffer overflow 'pob-besr' 2 = 2
The old code reads and writes besr[POB0_BESR1 - POB0_BESR0] or besr[2]
which is
Andreas Färber afaer...@suse.de writes:
Am 31.08.2012 22:21, schrieb Stefan Weil:
Report from smatch:
ppc405_uc.c:209 dcr_read_pob(12) error: buffer overflow 'pob-besr' 2 = 2
ppc405_uc.c:232 dcr_write_pob(12) error: buffer overflow 'pob-besr' 2 = 2
The old code reads and writes