From 34a1c8394c62ce055ff9f617fa690a9104adc9ee Mon Sep 17 00:00:00 2001
From: Joerg Wunsch <j@uriah.heep.sax.de>
Date: Wed, 16 Sep 2020 21:15:30 +0000
Subject: [PATCH] Fix handling of SCK parameter table in AVRISP2

Submitted by Adrian Klieber
patch #9820: Fix some out-of-bounds/uninitialized issues



git-svn-id: svn://svn.savannah.nongnu.org/avrdude/trunk/avrdude@1440 81a1dc3b-b13d-400b-aceb-764788c761c2
---
 stk500v2.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/stk500v2.c b/stk500v2.c
index 9ee8588d..37e4f3f2 100644
--- a/stk500v2.c
+++ b/stk500v2.c
@@ -2823,11 +2823,17 @@ static int stk500v2_set_sck_period_mk2(PROGRAMMER * pgm, double v)
 {
   int i;
 
-  for (i = 0; i < sizeof(avrispmkIIfreqs); i++) {
+  for (i = 0; i < sizeof(avrispmkIIfreqs) / sizeof(avrispmkIIfreqs[0]); i++) {
     if (1 / avrispmkIIfreqs[i] >= v)
       break;
   }
 
+  if (i >= sizeof(avrispmkIIfreqs) / sizeof(avrispmkIIfreqs[0])) {
+    avrdude_message(MSG_INFO, "%s: stk500v2_set_sck_period_mk2(): "
+                    "invalid SCK period: %g\n", progname, v);
+    return -1;
+  }
+
   avrdude_message(MSG_NOTICE2, "Using p = %.2f us for SCK (param = %d)\n",
 	    1000000 / avrispmkIIfreqs[i], i);