From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1KWSWF-00061Z-GB
	for qemu-devel@nongnu.org; Fri, 22 Aug 2008 05:01:19 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1KWSWE-00061H-ON
	for qemu-devel@nongnu.org; Fri, 22 Aug 2008 05:01:18 -0400
Received: from [199.232.76.173] (port=51641 helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1KWSWE-000618-Ha
	for qemu-devel@nongnu.org; Fri, 22 Aug 2008 05:01:18 -0400
Received: from hall.aurel32.net ([91.121.138.14]:43902)
	by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.60) (envelope-from <aurelien@aurel32.net>)
	id 1KWSWE-00029M-7M
	for qemu-devel@nongnu.org; Fri, 22 Aug 2008 05:01:18 -0400
Received: from farad.aurel32.net ([82.232.2.251] helo=volta.aurel32.net)
	by hall.aurel32.net with esmtpsa (TLS-1.0:RSA_AES_256_CBC_SHA1:32)
	(Exim 4.63) (envelope-from <aurelien@aurel32.net>)
	id 1KWSWC-0005QX-OR
	for qemu-devel@nongnu.org; Fri, 22 Aug 2008 11:01:16 +0200
Received: from aurel32 by volta.aurel32.net with local (Exim 4.69)
	(envelope-from <aurelien@aurel32.net>) id 1KWSWC-0005hD-9G
	for qemu-devel@nongnu.org; Fri, 22 Aug 2008 11:01:16 +0200
Date: Fri, 22 Aug 2008 11:01:16 +0200
From: Aurelien Jarno <aurelien@aurel32.net>
Subject: Re: [Qemu-devel] array overflow in hw/stellaris.c and hw/omap_dss.c
Message-ID: <20080822090116.GD21526@volta.aurel32.net>
References: <20080705104822.377b403d@holly>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15
Content-Disposition: inline
In-Reply-To: <20080705104822.377b403d@holly>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

On Sat, Jul 05, 2008 at 10:48:22AM +0200, Jindrich Makovicka wrote:
> Hi,
> 
> there are some under-dimensioned arrays in $subj.
> 

Applied, thanks.

> Index: stellaris.c
> ===================================================================
> --- stellaris.c (revision 4846)
> +++ stellaris.c (working copy)
> @@ -1308,8 +1308,8 @@
>      static const int gpio_irq[7] = {0, 1, 2, 3, 4, 30, 31};
>  
>      qemu_irq *pic;
> -    qemu_irq *gpio_in[5];
> -    qemu_irq *gpio_out[5];
> +    qemu_irq *gpio_in[7];
> +    qemu_irq *gpio_out[7];
>      qemu_irq adc;
>      int sram_size;
>      int flash_size;
> Index: omap_dss.c
> ===================================================================
> --- omap_dss.c  (revision 4846)
> +++ omap_dss.c  (working copy)
> @@ -53,7 +53,7 @@
>          uint32_t control;
>          uint32_t config;
>          uint32_t capable;
> -        uint32_t timing[3];
> +        uint32_t timing[4];
>          int line;
>          uint32_t bg[2];
>          uint32_t trans[2];
> @@ -148,6 +148,7 @@
>      s->dispc.timing[0] = 0;
>      s->dispc.timing[1] = 0;
>      s->dispc.timing[2] = 0;
> +    s->dispc.timing[3] = 0;
>      s->dispc.line = 0;
>      s->dispc.bg[0] = 0;
>      s->dispc.bg[1] = 0;
> 
> Regards,
> -- 
> Jindrich Makovicka
> 
> 
> 

-- 
  .''`.  Aurelien Jarno	            | GPG: 1024D/F1BCDB73
 : :' :  Debian developer           | Electrical Engineer
 `. `'   aurel32@debian.org         | aurelien@aurel32.net
   `-    people.debian.org/~aurel32 | www.aurel32.net