Commit 5d40097f authored by Stefan Weil's avatar Stefan Weil Committed by Stefan Hajnoczi
Browse files

cadence_uart: Fix buffer overflow 



Report from smatch:
hw/cadence_uart.c:413 uart_read(13) error: buffer overflow 's->r' 18 <= 18

This fixes read access to s->r[R_MAX] which is behind the limits of s->r.

Signed-off-by: default avatarStefan Weil <sw@weilnetz.de>
Signed-off-by: default avatarStefan Hajnoczi <stefanha@gmail.com>
parent 39b38459

hw/cadence_uart.c

+1 −1
Original line number Diff line number Diff line
@@ -404,7 +404,7 @@ static uint64_t uart_read(void *opaque, target_phys_addr_t offset, 
    uint32_t c = 0;



    offset >>= 2;

    if (offset > R_MAX) {

    if (offset >= R_MAX) {

        return 0;

    } else if (offset == R_TX_RX) {

        uart_read_rx_fifo(s, &c);