The boundary size of cpucfg array should be 0 to ARRAY_SIZE(cpucfg)-1.
So, using index bigger than max boundary to access cpucfg[] must be
forbidden.
Fix coverity CID: 1489760
Signed-off-by: Xiaojuan Yang <yangxiaoj...@loongson.cn>
Reviewed-by: Richard Henderson <richard.hender...@linaro.org>
---
target/loongarch/op_helper.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/target/loongarch/op_helper.c b/target/loongarch/op_helper.c
index 4b429b6699..568c071601 100644
--- a/target/loongarch/op_helper.c
+++ b/target/loongarch/op_helper.c
@@ -81,7 +81,7 @@ target_ulong helper_crc32c(target_ulong val, target_ulong m,
uint64_t sz)
target_ulong helper_cpucfg(CPULoongArchState *env, target_ulong rj)
{
- return rj > 21 ? 0 : env->cpucfg[rj];
+ return rj >= ARRAY_SIZE(env->cpucfg) ? 0 : env->cpucfg[rj];
}
uint64_t helper_rdtime_d(CPULoongArchState *env)
--
2.31.1
