On 06/03/2013 11:23 AM, Igor Mammedov wrote:
> spotted by Coverity,
> x86_reg_info_32[] is CPU_NB_REGS32 elements long, so accessing
> x86_reg_info_32[CPU_NB_REGS32] will be one element off array.
>
> Signed-off-by: Igor Mammedov <imamm...@redhat.com>
> ---
> target-i386/cpu.c | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/target-i386/cpu.c b/target-i386/cpu.c
> index 1a501d9..ae8e682 100644
> --- a/target-i386/cpu.c
> +++ b/target-i386/cpu.c
> @@ -221,7 +221,7 @@ X86RegisterInfo32 x86_reg_info_32[CPU_NB_REGS32] = {
>
> const char *get_register_name_32(unsigned int reg)
> {
> - if (reg > CPU_NB_REGS32) {
> + if (reg >= CPU_NB_REGS32) {
> return NULL;
> }
> return x86_reg_info_32[reg].name;
>
Looks obvious now that it's been spotted. ;)
Reviewed by: Jesse Larrew <jlar...@linux.vnet.ibm.com>
Jesse Larrew
Software Engineer, KVM Team
IBM Linux Technology Center
Phone: (512) 973-2052 (T/L: 363-2052)
jlar...@linux.vnet.ibm.com
