blob: 00c44a2c0ddd6f7fcdab9eff12c0e4b4de81df46 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
network: 0.981
device: 0.910
graphic: 0.906
performance: 0.770
socket: 0.573
vnc: 0.510
debug: 0.472
files: 0.458
semantic: 0.420
PID: 0.389
boot: 0.272
KVM: 0.190
permissions: 0.164
other: 0.108
Out-of-bounds access in smc91c111_receive()
Description of problem:
An out-of-bounds access happens at hw/net/smc91c111.c:705.
`hw/net/smc91c111.c:705:5: runtime error: index -1 out of bounds for type 'int[4]'`
Steps to reproduce:
```
export QEMU_ARGS="-display none -machine accel=qtest, -m 512M -machine realview-eb"
cat << EOF | ./qemu-system-arm $QEMU_ARGS -qtest /dev/null -qtest stdio
writew 0x4e000005 0x227
writel 0x4e00000b 0x25ab1f2
writew 0x4e000000 0xaa6c
clock_step
EOF
```
Additional information:
|
