From: Blue Swirl <blauwirbel@gmail.com>
Date: Wed, 12 Jan 2011 21:12:31 +0000 (+0000)
Subject: ppc405_uc: fix a buffer overflow
X-Git-Tag: qemu-xen-4.3.0-rc1~3716
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=4508d81a788f451c83604e1d0033243e191d71a7;p=qemu-upstream-4.5-testing.git

ppc405_uc: fix a buffer overflow

Fix a buffer overflow, reported by cppcheck:
[/src/qemu/hw/ppc405_uc.c:72]: (error) Buffer access out-of-bounds: bd.bi_s_version

The use of field bi_s_version seems to be a typo, it should be
bi_r_version.

Signed-off-by: Blue Swirl <blauwirbel@gmail.com>
---

diff --git a/hw/ppc405_uc.c b/hw/ppc405_uc.c
index 8136cb962..334187e53 100644
--- a/hw/ppc405_uc.c
+++ b/hw/ppc405_uc.c
@@ -68,8 +68,9 @@ ram_addr_t ppc405_set_bootinfo (CPUState *env, ppc4xx_bd_info_t *bd,
     stl_phys(bdloc + 0x34, bd->bi_baudrate);
     for (i = 0; i < 4; i++)
         stb_phys(bdloc + 0x38 + i, bd->bi_s_version[i]);
-    for (i = 0; i < 32; i++)
-        stb_phys(bdloc + 0x3C + i, bd->bi_s_version[i]);
+    for (i = 0; i < 32; i++) {
+        stb_phys(bdloc + 0x3C + i, bd->bi_r_version[i]);
+    }
     stl_phys(bdloc + 0x5C, bd->bi_plb_busfreq);
     stl_phys(bdloc + 0x60, bd->bi_pci_busfreq);
     for (i = 0; i < 6; i++)