From 459ca8bfa41b42b9d80739929f09f792207f15f3 Mon Sep 17 00:00:00 2001 From: Mark Cave-Ayland Date: Sat, 24 Oct 2020 22:39:00 +0200 Subject: [PATCH] pci: Assert irqnum is between 0 and bus->nirqs in pci_bus_change_irq_level MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit These assertions similar to those in the adjacent pci_bus_get_irq_level() function ensure that irqnum lies within the valid PCI bus IRQ range. Signed-off-by: Mark Cave-Ayland Message-Id: <20201011082022.3016-1-mark.cave-ayland@ilande.co.uk> Signed-off-by: Philippe Mathieu-Daudé Message-Id: <20201024203900.3619498-3-f4bug@amsat.org> Reviewed-by: Mark Cave-Ayland Reviewed-by: Michael S. Tsirkin Signed-off-by: Michael S. Tsirkin --- hw/pci/pci.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/hw/pci/pci.c b/hw/pci/pci.c index 081ddcadd1..dc4019865b 100644 --- a/hw/pci/pci.c +++ b/hw/pci/pci.c @@ -250,6 +250,8 @@ static inline void pci_set_irq_state(PCIDevice *d, int irq_num, int level) static void pci_bus_change_irq_level(PCIBus *bus, int irq_num, int change) { + assert(irq_num >= 0); + assert(irq_num < bus->nirq); bus->irq_count[irq_num] += change; bus->set_irq(bus->irq_opaque, irq_num, bus->irq_count[irq_num] != 0); } -- 2.11.0