This bounds check was off-by-one. Fix.
Reported-by: Paolo Bonzini <pbonz...@redhat.com>
Signed-off-by: Peter Crosthwaite <crosthwaite.pe...@gmail.com>
---
hw/misc/zynq-xadc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/hw/misc/zynq-xadc.c b/hw/misc/zynq-xadc.c
index 1a32595..d160ff2 100644
--- a/hw/misc/zynq-xadc.c
+++ b/hw/misc/zynq-xadc.c
@@ -220,7 +220,7 @@ static void zynq_xadc_write(void *opaque, hwaddr offset,
uint64_t val,
break;
}
- if (xadc_reg > ZYNQ_XADC_NUM_ADC_REGS && xadc_cmd != CMD_NOP) {
+ if (xadc_reg >= ZYNQ_XADC_NUM_ADC_REGS && xadc_cmd != CMD_NOP) {
qemu_log_mask(LOG_GUEST_ERROR, "read/write op to invalid xadc "
"reg 0x%x\n", xadc_reg);
break;
--
1.9.1
