From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from [140.186.70.92] (port=48333 helo=eggs.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1PbdU1-0006xS-Qm for qemu-devel@nongnu.org; Sat, 08 Jan 2011 13:25:50 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1PbdU0-00073d-S7 for qemu-devel@nongnu.org; Sat, 08 Jan 2011 13:25:45 -0500 Received: from mail-px0-f173.google.com ([209.85.212.173]:36428) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1PbdU0-00073T-Kt for qemu-devel@nongnu.org; Sat, 08 Jan 2011 13:25:44 -0500 Received: by pxi16 with SMTP id 16so3870619pxi.4 for ; Sat, 08 Jan 2011 10:25:43 -0800 (PST) MIME-Version: 1.0 From: Blue Swirl Date: Sat, 8 Jan 2011 18:25:21 +0000 Message-ID: Content-Type: text/plain; charset=UTF-8 Subject: [Qemu-devel] [PATCH 6/7] lan9118: fix a buffer overflow List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel Fix a buffer overflow, reported by cppcheck: [/src/qemu/hw/lan9118.c:849]: (error) Buffer access out-of-bounds: s.eeprom All eeprom handling code assumes that the size of eeprom is 128. Signed-off-by: Blue Swirl --- hw/lan9118.c | 2 +- 1 files changed, 1 insertions(+), 1 deletions(-) diff --git a/hw/lan9118.c b/hw/lan9118.c index a988664..1bb829e 100644 --- a/hw/lan9118.c +++ b/hw/lan9118.c @@ -187,7 +187,7 @@ typedef struct { uint32_t phy_int_mask; int eeprom_writable; - uint8_t eeprom[8]; + uint8_t eeprom[128]; int tx_fifo_size; LAN9118Packet *txp; -- 1.6.2.4