From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from [140.186.70.92] (port=33649 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1OFVLS-0004Qn-92 for qemu-devel@nongnu.org; Fri, 21 May 2010 12:45:11 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.69) (envelope-from ) id 1OFVLQ-00072O-GU for qemu-devel@nongnu.org; Fri, 21 May 2010 12:45:10 -0400 Received: from thoth.sbs.de ([192.35.17.2]:21190) by eggs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1OFVLQ-00071s-7x for qemu-devel@nongnu.org; Fri, 21 May 2010 12:45:08 -0400 Message-ID: <4BF6B88B.4060008@siemens.com> Date: Fri, 21 May 2010 18:44:59 +0200 From: Jan Kiszka MIME-Version: 1.0 References: <20100521154926.GA22706@hall.aurel32.net> <20100521161736.GA27745@hall.aurel32.net> <4BF6B25B.7080508@siemens.com> <4BF6B36A.8070702@aurel32.net> In-Reply-To: <4BF6B36A.8070702@aurel32.net> Content-Type: text/plain; charset=ISO-8859-15 Content-Transfer-Encoding: 7bit Subject: [Qemu-devel] [PATCH] lsi: Fix value overflow in request tag processing List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: Aurelien Jarno Cc: "qemu-devel@nongnu.org" This fixes a mismerge of 64d564094cac5f72eeaeb950c442b773a00d3586 (wrong patch version): We need to mask the tag value properly to obtain its device ID. Signed-off-by: Jan Kiszka --- hw/lsi53c895a.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/hw/lsi53c895a.c b/hw/lsi53c895a.c index 9d3c44d..f5a91ba 100644 --- a/hw/lsi53c895a.c +++ b/hw/lsi53c895a.c @@ -543,7 +543,7 @@ static void lsi_do_dma(LSIState *s, int out) return; } - id = s->current->tag >> 8; + id = (s->current->tag >> 8) & 0xf; dev = s->bus.devs[id]; if (!dev) { lsi_bad_selection(s, id); @@ -745,7 +745,7 @@ static void lsi_do_command(LSIState *s) s->sfbr = buf[0]; s->command_complete = 0; - id = s->select_tag >> 8; + id = (s->select_tag >> 8) & 0xf; dev = s->bus.devs[id]; if (!dev) { lsi_bad_selection(s, id); -- 1.6.0.2