0d093159b4
superio_ioport_readb can read the 256th element of the array.
Coverity reports an out-of-bounds write in superio_ioport_writeb,
but it does not show the corresponding out-of-bounds read
because it cannot prove that it can happen. Fix the root
cause of the problem (zhanghailang's patch instead fixes
the logic in superio_ioport_writeb).
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Reviewed-by: zhanghailiang <zhang.zhanghailiang@huawei.com>
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>
Cc: qemu-stable@nongnu.org
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| Makefile.objs | ||
| apm.c | ||
| i82378.c | ||
| isa-bus.c | ||
| lpc_ich9.c | ||
| pc87312.c | ||
| piix4.c | ||
| vt82c686.c | ||