From f3d8b1eb105199a1d6bf063a8a574e782689909a Mon Sep 17 00:00:00 2001
From: aurel32 <aurel32@c046a42c-6fe2-441c-8c8c-71466251a162>
Date: Fri, 22 Aug 2008 08:57:19 +0000
Subject: [PATCH] array overflow in hw/stellaris.c and hw/omap_dss.c

(Jindrich Makovicka)

git-svn-id: svn://svn.savannah.nongnu.org/qemu/trunk@5064 c046a42c-6fe2-441c-8c8c-71466251a162
---
 hw/omap_dss.c  | 3 ++-
 hw/stellaris.c | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/hw/omap_dss.c b/hw/omap_dss.c
index 13ca94bd1f..ba7153f29b 100644
--- a/hw/omap_dss.c
+++ b/hw/omap_dss.c
@@ -53,7 +53,7 @@ struct omap_dss_s {
         uint32_t control;
         uint32_t config;
         uint32_t capable;
-        uint32_t timing[3];
+        uint32_t timing[4];
         int line;
         uint32_t bg[2];
         uint32_t trans[2];
@@ -148,6 +148,7 @@ void omap_dss_reset(struct omap_dss_s *s)
     s->dispc.timing[0] = 0;
     s->dispc.timing[1] = 0;
     s->dispc.timing[2] = 0;
+    s->dispc.timing[3] = 0;
     s->dispc.line = 0;
     s->dispc.bg[0] = 0;
     s->dispc.bg[1] = 0;
diff --git a/hw/stellaris.c b/hw/stellaris.c
index 999cb50593..93f751171e 100644
--- a/hw/stellaris.c
+++ b/hw/stellaris.c
@@ -1308,8 +1308,8 @@ static void stellaris_init(const char *kernel_filename, const char *cpu_model,
     static const int gpio_irq[7] = {0, 1, 2, 3, 4, 30, 31};
 
     qemu_irq *pic;
-    qemu_irq *gpio_in[5];
-    qemu_irq *gpio_out[5];
+    qemu_irq *gpio_in[7];
+    qemu_irq *gpio_out[7];
     qemu_irq adc;
     int sram_size;
     int flash_size;