On Tue, 10 Feb 2015, Gonglei wrote:
> On 2015/2/10 14:39, Stefano Stabellini wrote:
> > On Sat, 31 Jan 2015, arei.gong...@huawei.com wrote:
> >> From: Gonglei <arei.gong...@huawei.com>
> >>
> >> The array length of s->real_device.io_regions[] is
> >> "PCI_NUM_REGIONS - 1". Add a check, just make Coverity happy.
> >>
> >> Signed-off-by: Gonglei <arei.gong...@huawei.com>
> >> ---
> >> hw/xen/xen_pt_config_init.c | 5 +++++
> >> 1 file changed, 5 insertions(+)
> >>
> >> diff --git a/hw/xen/xen_pt_config_init.c b/hw/xen/xen_pt_config_init.c
> >> index 710fe50..3c8b0f1 100644
> >> --- a/hw/xen/xen_pt_config_init.c
> >> +++ b/hw/xen/xen_pt_config_init.c
> >> @@ -443,6 +443,11 @@ static int xen_pt_bar_reg_read(XenPCIPassthroughState
> >> *s, XenPTReg *cfg_entry,
> >> return -1;
> >> }
> >>
> >> + if (index == PCI_ROM_SLOT) {
> >> + XEN_PT_ERR(&s->dev, "Internal error: Access violation at ROM
> >> BAR.\n");
> >> + return -1;
> >> + }
> >
> > Could you please fix the boundaries of the check just above?
> > Also please avoid using PCI_ROM_SLOT for the array index check, simply
> > use PCI_NUM_REGIONS.
> >
> You meaning is changing the below check:
>
> if (index < 0 || index >= PCI_NUM_REGIONS - 1) {
> XEN_PT_ERR(&s->dev, "Internal error: Invalid BAR index [%d].\n",
> index);
> return -1;
> }
>
> Isn't it?
that's right
