diff options
author | Lidong Chen | 2019-06-19 21:14:46 +0200 |
---|---|---|
committer | Paolo Bonzini | 2019-06-21 13:25:29 +0200 |
commit | 1c598ab2b88571d8c75cfebbef09d4c1c675132c (patch) | |
tree | 64d188644c15ca28144d125b6effc9faed6eaaa9 | |
parent | target/i386: kvm: Add nested migration blocker only when kernel lacks require... (diff) | |
download | qemu-1c598ab2b88571d8c75cfebbef09d4c1c675132c.tar.gz qemu-1c598ab2b88571d8c75cfebbef09d4c1c675132c.tar.xz qemu-1c598ab2b88571d8c75cfebbef09d4c1c675132c.zip |
sd: Fix out-of-bounds assertions
Due to an off-by-one error, the assert statements allow an
out-of-bound array access. This doesn't happen in practice,
but the static analyzer notices.
Signed-off-by: Lidong Chen <lidong.chen@oracle.com>
Reviewed-by: Liam Merwick <liam.merwick@oracle.com>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Li Qiang <liq3ea@gmail.com>
Reviewed-by: Darren Kenny <darren.kenny@oracle.com>
Message-Id: <6b19cb7359a10a6bedc3ea0fce22fed3ef93c102.1560806687.git.lidong.chen@oracle.com>
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
-rw-r--r-- | hw/sd/sd.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/hw/sd/sd.c b/hw/sd/sd.c index 60500ec8fe..917195a65b 100644 --- a/hw/sd/sd.c +++ b/hw/sd/sd.c @@ -145,7 +145,7 @@ static const char *sd_state_name(enum SDCardStates state) if (state == sd_inactive_state) { return "inactive"; } - assert(state <= ARRAY_SIZE(state_name)); + assert(state < ARRAY_SIZE(state_name)); return state_name[state]; } @@ -166,7 +166,7 @@ static const char *sd_response_name(sd_rsp_type_t rsp) if (rsp == sd_r1b) { rsp = sd_r1; } - assert(rsp <= ARRAY_SIZE(response_name)); + assert(rsp < ARRAY_SIZE(response_name)); return response_name[rsp]; } |