From 3b27d13940c3710a1128527c43719cb0bb05d73b Mon Sep 17 00:00:00 2001
From: Wang Nan <wangnan0@huawei.com>
Date: Tue, 1 Sep 2015 03:29:44 +0000
Subject: perf dwarf: Fix potential array out of bounds access

There is a problem in the dwarf-regs.c files for sh, sparc and x86 where
it is possible to make an out-of-bounds array access when searching for
register names.

This patch fixes it by replacing '<=' to '<', so when register (number
== XXX_MAX_REGS), get_arch_regstr() will return NULL.

Signed-off-by: Wang Nan <wangnan0@huawei.com>
Reviewed-by: Matt Fleming <matt@console-pimps.org>
Acked-by: Jiri Olsa <jolsa@kernel.org>
Acked-by: Masami Hiramatsu <masami.hiramatsu.pt@hitachi.com>
Cc: David S. Miller <davem@davemloft.net>
Cc: Zefan Li <lizefan@huawei.com>
Cc: pi3orama@huawei.com
Link: http://lkml.kernel.org/r/1441078184-105038-1-git-send-email-wangnan0@huawei.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
 tools/perf/arch/sh/util/dwarf-regs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'tools/perf/arch/sh')

diff --git a/tools/perf/arch/sh/util/dwarf-regs.c b/tools/perf/arch/sh/util/dwarf-regs.c
index 0d0897f57a10..f8dfa89696f4 100644
--- a/tools/perf/arch/sh/util/dwarf-regs.c
+++ b/tools/perf/arch/sh/util/dwarf-regs.c
@@ -51,5 +51,5 @@ const char *sh_regs_table[SH_MAX_REGS] = {
 /* Return architecture dependent register string (for kprobe-tracer) */
 const char *get_arch_regstr(unsigned int n)
 {
-	return (n <= SH_MAX_REGS) ? sh_regs_table[n] : NULL;
+	return (n < SH_MAX_REGS) ? sh_regs_table[n] : NULL;
 }
-- 
cgit v1.2.3