[Xen-devel] [PATCH] fix out of bound access to mode_strings

Stefano Stabellini Thu, 08 Dec 2016 17:18:03 -0800

mode == ARRAY_SIZE(mode_strings) causes an out of bound access to
the mode_strings array.


Coverity-ID: 1381859

Signed-off-by: Stefano Stabellini <sstabell...@kernel.org>

diff --git a/xen/arch/arm/traps.c b/xen/arch/arm/traps.c
index eb85d92..35d8e8b 100644
--- a/xen/arch/arm/traps.c
+++ b/xen/arch/arm/traps.c
@@ -643,7 +643,7 @@ static const char *mode_string(uint32_t cpsr)
     };
     mode = cpsr & PSR_MODE_MASK;
 
-    if ( mode > ARRAY_SIZE(mode_strings) )
+    if ( mode >= ARRAY_SIZE(mode_strings) )
         return "Unknown";
     return mode_strings[mode] ? : "Unknown";
 }

_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel

[Xen-devel] [PATCH] fix out of bound access to mode_strings

Reply via email to