diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2024-07-31 15:36:14 +0100 |
|---|---|---|
| committer | Philippe Mathieu-Daudé <philmd@linaro.org> | 2024-08-06 10:22:52 +0200 |
| commit | f63085c85d164484a58fa320114f389c91194487 (patch) | |
| tree | fdbf36166454e4640c828632de9caa83b7dc0a58 | |
| parent | 8f64e7449e474e18017eb1414bc13e491edd8596 (diff) | |
| download | focaccia-qemu-f63085c85d164484a58fa320114f389c91194487.tar.gz focaccia-qemu-f63085c85d164484a58fa320114f389c91194487.zip | |
hw/ide/atapi: Be explicit that assigning to s->lcyl truncates
In ide_atapi_cmd_reply_end() we calculate a 16-bit size, and then
assign its two halves to s->lcyl and s->hcyl like this:
s->lcyl = size;
s->hcyl = size >> 8;
Coverity warns that the first line here can overflow the
8-bit s->lcyl variable. This is true, and in this case we're
deliberately only after the low 8 bits of the value. The
code is clearer to both humans and Coverity if we're explicit
that we only wanted the low 8 bits, though.
Resolves: Coverity CID 1547621
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Markus Armbruster <armbru@redhat.com>
Reviewed-by: Kevin Wolf <kwolf@redhat.com>
Message-ID: <20240731143617.3391947-5-peter.maydell@linaro.org>
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
| -rw-r--r-- | hw/ide/atapi.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/hw/ide/atapi.c b/hw/ide/atapi.c index fcb6cca157..e82959dc2d 100644 --- a/hw/ide/atapi.c +++ b/hw/ide/atapi.c @@ -265,7 +265,7 @@ void ide_atapi_cmd_reply_end(IDEState *s) byte_count_limit--; size = byte_count_limit; } - s->lcyl = size; + s->lcyl = size & 0xff; s->hcyl = size >> 8; s->elementary_transfer_size = size; /* we cannot transmit more than one sector at a time */ |