Commit a184e74f authored Nov 10, 2015 by Rabin Vincent Committed by Kevin Wolf Nov 18, 2015

nand: fix address overflow



The shifts of the address mask and value shift beyond 32 bits when there
are 5 address cycles.

Cc: qemu-stable@nongnu.org
Signed-off-by: Rabin Vincent <rabin.vincent@axis.com>
Reviewed-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: Peter Crosthwaite <crosthwaite.peter@gmail.com>
Signed-off-by: Kevin Wolf <kwolf@redhat.com>

parent ab9b872a

hw/block/nand.c

+2 −2

Original line number	Diff line number	Diff line
		@@ -522,8 +522,8 @@ void nand_setio(DeviceState *dev, uint32_t value)

		if (s->ale) {
		unsigned int shift = s->addrlen * 8;
		unsigned int mask = ~(0xff << shift);
		unsigned int v = value << shift;
		uint64_t mask = ~(0xffull << shift);
		uint64_t v = (uint64_t)value << shift;

		s->addr = (s->addr & mask) \| v;
		s->addrlen ++;