From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:36779)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <whitebox@nefkom.net>) id 1UnpgA-0003Ex-7i
	for qemu-devel@nongnu.org; Sat, 15 Jun 2013 08:34:05 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <whitebox@nefkom.net>) id 1Unpg7-0004FT-OC
	for qemu-devel@nongnu.org; Sat, 15 Jun 2013 08:34:02 -0400
Received: from mail-out.m-online.net ([212.18.0.9]:39264)
	by eggs.gnu.org with esmtp (Exim 4.71)
	(envelope-from <whitebox@nefkom.net>) id 1Unpg7-0004F9-I5
	for qemu-devel@nongnu.org; Sat, 15 Jun 2013 08:33:59 -0400
Received: from frontend1.mail.m-online.net (unknown [192.168.8.180])
	by mail-out.m-online.net (Postfix) with ESMTP id 3bXdQs1xxqz4KK4B
	for <qemu-devel@nongnu.org>; Sat, 15 Jun 2013 14:33:57 +0200 (CEST)
Received: from localhost (dynscan1.mnet-online.de [192.168.6.68])
	by mail.m-online.net (Postfix) with ESMTP id 3bXdQs0q3tzbbhK
	for <qemu-devel@nongnu.org>; Sat, 15 Jun 2013 14:33:57 +0200 (CEST)
Received: from mail.mnet-online.de ([192.168.8.180])
	by localhost (dynscan1.mail.m-online.net [192.168.6.68]) (amavisd-new,
	port 10024) with ESMTP id KCSs4gEy9vBp for <qemu-devel@nongnu.org>;
	Sat, 15 Jun 2013 14:33:55 +0200 (CEST)
Received: from igel.home (ppp-88-217-112-59.dynamic.mnet-online.de
	[88.217.112.59]) by mail.mnet-online.de (Postfix) with ESMTPA
	for <qemu-devel@nongnu.org>; Sat, 15 Jun 2013 14:33:55 +0200 (CEST)
From: Andreas Schwab <schwab@linux-m68k.org>
Date: Sat, 15 Jun 2013 14:33:55 +0200
Message-ID: <878v2b8sek.fsf@igel.home>
MIME-Version: 1.0
Content-Type: text/plain
Subject: [Qemu-devel] [PATCH] linux-user: fix signal number range check
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

When translating between host and target signal numbers keep negative
numbers unchanged, avoiding access beyond array bounds.

Signed-off-by: Andreas Schwab <schwab@linux-m68k.org>
---
 linux-user/signal.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/linux-user/signal.c b/linux-user/signal.c
index 5da8452..c4d8970 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -102,14 +102,14 @@ static inline int sas_ss_flags(unsigned long sp)
 
 int host_to_target_signal(int sig)
 {
-    if (sig >= _NSIG)
+    if (sig < 0 || sig >= _NSIG)
         return sig;
     return host_to_target_signal_table[sig];
 }
 
 int target_to_host_signal(int sig)
 {
-    if (sig >= _NSIG)
+    if (sig < 0 || sig >= _NSIG)
         return sig;
     return target_to_host_signal_table[sig];
 }
-- 
1.8.3.1


-- 
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756  01D3 44D5 214B 8276 4ED5
"And now for something completely different."