From: Stefan Mahr <stefan.mahr@sphairon.com>
Date: Sat, 9 Mar 2013 16:50:54 +0000 (+0100)
Subject: jtag: opendous: fix tap buffer overflow
X-Git-Tag: v0.7.0-rc1~48
X-Git-Url: https://review.openocd.org/gitweb?p=openocd.git;a=commitdiff_plain;h=02192f6b8c63d740a551e371441d85d59930e65c;ds=sidebyside

jtag: opendous: fix tap buffer overflow

Appending bits to TAP buffer doesn't check if there's enough space left.
This patch adds this check to fix TAP overflow error.

Change-Id: If80d5ab4a24983ad24f3cab31f9676d1590ebf5d
Signed-off-by: Stefan Mahr <stefan.mahr@sphairon.com>
Reviewed-on: http://openocd.zylin.com/1216
Tested-by: jenkins
Reviewed-by: Spencer Oliver <spen@spen-soft.co.uk>
---

diff --git a/src/jtag/drivers/opendous.c b/src/jtag/drivers/opendous.c
index b13cbe054a..efb6cf256d 100644
--- a/src/jtag/drivers/opendous.c
+++ b/src/jtag/drivers/opendous.c
@@ -482,8 +482,9 @@ void opendous_tap_init(void)
 void opendous_tap_ensure_space(int scans, int bits)
 {
 	int available_scans = MAX_PENDING_SCAN_RESULTS - pending_scan_results_length;
+	int available_bits = OPENDOUS_TAP_BUFFER_SIZE / 2 - tap_length;
 
-	if (scans > available_scans)
+	if ((scans > available_scans) || (bits > available_bits))
 		opendous_tap_execute();
 }
 
@@ -493,6 +494,8 @@ void opendous_tap_append_step(int tms, int tdi)
 	unsigned char _tms = tms ? 1 : 0;
 	unsigned char _tdi = tdi ? 1 : 0;
 
+	opendous_tap_ensure_space(0, 1);
+
 	int tap_index =  tap_length / 4;
 	int bits  = (tap_length % 4) * 2;