imi415
/
openocd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

jtag: opendous: fix tap buffer overflow 

Appending bits to TAP buffer doesn't check if there's enough space left.
This patch adds this check to fix TAP overflow error.

Change-Id: If80d5ab4a24983ad24f3cab31f9676d1590ebf5d
Signed-off-by: Stefan Mahr <stefan.mahr@sphairon.com>
Reviewed-on: http://openocd.zylin.com/1216
Tested-by: jenkins
Reviewed-by: Spencer Oliver <spen@spen-soft.co.uk>
This commit is contained in:
Stefan Mahr 2013-03-09 17:50:54 +01:00 committed by Spencer Oliver
parent 9b6de72c2b
commit 02192f6b8c
1 changed files with 4 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
src/jtag/drivers/opendous.c
View File

@ -482,8 +482,9 @@ void opendous_tap_init(void)
void opendous_tap_ensure_space(int scans, int bits)
{
int available_scans = MAX_PENDING_SCAN_RESULTS - pending_scan_results_length;
int available_bits = OPENDOUS_TAP_BUFFER_SIZE / 2 - tap_length;
if (scans > available_scans)
if ((scans > available_scans) || (bits > available_bits))
opendous_tap_execute();
}
@ -493,6 +494,8 @@ void opendous_tap_append_step(int tms, int tdi)
unsigned char _tms = tms ? 1 : 0;
unsigned char _tdi = tdi ? 1 : 0;
opendous_tap_ensure_space(0, 1);
int tap_index = tap_length / 4;
int bits = (tap_length % 4) * 2;