d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

APEI: Make sure event data fit into the buffer.

Browse Source 
There seem to be systems returning some garbage here.  I still don't
know why, but at least I hope this check fix indefinite printf loop.

MFC after:	2 weeks
This commit is contained in:
Alexander Motin 2022-02-03 15:18:31 -05:00
parent fd723975ec
commit 3b248a2113
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
sys/dev/acpica/acpi_apei.c
View File

@ -371,8 +371,9 @@ apei_ge_handler(struct apei_ge *ge, bool copy)
uint8_t *buf = copy ? ge->copybuf : ge->buf;
ACPI_HEST_GENERIC_STATUS *ges = (ACPI_HEST_GENERIC_STATUS *)buf;
ACPI_HEST_GENERIC_DATA *ged;
size_t off, len;
uint32_t sev;
int i, c, off;
int i, c;
if (ges == NULL || ges->BlockStatus == 0)
return (0);
@ -381,8 +382,11 @@ apei_ge_handler(struct apei_ge *ge, bool copy)
sev = ges->ErrorSeverity;
/* Process error entries. */
for (off = i = 0; i < c && off + sizeof(*ged) <= ges->DataLength; i++) {
len = MIN(ge->v1.ErrorBlockLength - sizeof(*ges), ges->DataLength);
for (off = i = 0; i < c && off + sizeof(*ged) <= len; i++) {
ged = (ACPI_HEST_GENERIC_DATA *)&buf[sizeof(*ges) + off];
if ((uint64_t)GED_SIZE(ged) + ged->ErrorDataLength > len - off)
break;
apei_ged_handler(ged);
off += GED_SIZE(ged) + ged->ErrorDataLength;
}