From 3765b809934386dda7010960d5494fcb77dd0a8a Mon Sep 17 00:00:00 2001 From: Conrad Meyer Date: Wed, 20 Apr 2016 01:10:07 +0000 Subject: [PATCH] SRAT: Don't overflow domain_pxm table If we reached MAXMEMDOM, we would previously try to insert an additional element and only detect overflow after causing (probably trivial) memory overflow. Instead, detect the ndomain > MAXMEMDOM case before we write past the end. Reported by: Coverity CID: 1354783 Sponsored by: EMC / Isilon Storage Division --- sys/x86/acpica/srat.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/sys/x86/acpica/srat.c b/sys/x86/acpica/srat.c index 19ed116cb4cc..85f19221e707 100644 --- a/sys/x86/acpica/srat.c +++ b/sys/x86/acpica/srat.c @@ -355,17 +355,18 @@ renumber_domains(void) if (j < ndomain && domain_pxm[j] == mem_info[i].domain) continue; + if (ndomain >= MAXMEMDOM) { + ndomain = 1; + printf("SRAT: Too many memory domains\n"); + return (EFBIG); + } + /* Insert the new domain at slot 'j'. */ slot = j; for (j = ndomain; j > slot; j--) domain_pxm[j] = domain_pxm[j - 1]; domain_pxm[slot] = mem_info[i].domain; ndomain++; - if (ndomain > MAXMEMDOM) { - ndomain = 1; - printf("SRAT: Too many memory domains\n"); - return (EFBIG); - } } /* Renumber each domain to its index in the sorted 'domain_pxm' list. */