lguest: beyond ARRAY_SIZE of cpu->arch.gdt

author Roel Kluin <roel.kluin@gmail.com>

Tue, 19 May 2009 23:45:45 +0000 (01:45 +0200)

committer Rusty Russell <rusty@rustcorp.com.au>

Fri, 12 Jun 2009 12:57:04 +0000 (22:27 +0930)
author Roel Kluin <roel.kluin@gmail.com>
Tue, 19 May 2009 23:45:45 +0000 (01:45 +0200)
committer Rusty Russell <rusty@rustcorp.com.au>
Fri, 12 Jun 2009 12:57:04 +0000 (22:27 +0930)
diff --git a/drivers/lguest/segments.c b/drivers/lguest/segments.c

index 7ede64f..482ed5a 100644 (file)
--- a/drivers/lguest/segments.c
+++ b/drivers/lguest/segments.c
@@ -150,7 +150,7 @@ void load_guest_gdt_entry(struct lg_cpu *cpu, u32 num, u32 lo, u32 hi)
  {
         /* We assume the Guest has the same number of GDT entries as the
          * Host, otherwise we'd have to dynamically allocate the Guest GDT. */
-       if (num > ARRAY_SIZE(cpu->arch.gdt))
+       if (num >= ARRAY_SIZE(cpu->arch.gdt))
                 kill_guest(cpu, "too many gdt entries %i", num);
  
         /* Set it up, then fix it. */
author	Roel Kluin <roel.kluin@gmail.com>
	Tue, 19 May 2009 23:45:45 +0000 (01:45 +0200)
committer	Rusty Russell <rusty@rustcorp.com.au>
	Fri, 12 Jun 2009 12:57:04 +0000 (22:27 +0930)