hw/i386: OVMF table parsing fixes

[PATCH v3 0/2] hw/i386: OVMF table parsing fixes

Dov Murik posted 2 patches 2 years, 2 months ago

Download series mbox

Test checkpatch passed

Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/qemu tags/patchew/20220222071906.2632426-1-dovmurik@linux.ibm.com

Maintainers: Richard Henderson <richard.henderson@linaro.org>, "Michael S. Tsirkin" <mst@redhat.com>, Gerd Hoffmann <kraxel@redhat.com>, "Philippe Mathieu-Daudé" <f4bug@amsat.org>, Eduardo Habkost <eduardo@habkost.net>, Paolo Bonzini <pbonzini@redhat.com>, Marcel Apfelbaum <marcel.apfelbaum@gmail.com>

hw/i386/pc_sysfw_ovmf.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)

Expand all Fold all

[PATCH v3 0/2] hw/i386: OVMF table parsing fixes

Posted by Dov Murik 2 years, 2 months ago

Fix missing bounds check when parsing the OVMF table.

This already had two iterations as a single patch; I decided to split it
to two patches.  The first deals only with bounds checking, and the
second is a non-functional change to clear the code according to
reviewers' suggestions.

v3:
- simplify bounds check and remove max_tot_len (thanks Dave)
- split one patch to two

v2:
- add error message example to commit description
- replace magic numbers 48 and 50 with size calculations (thanks Phil
  MD)

Dov Murik (2):
  hw/i386: Improve bounds checking in OVMF table parsing
  hw/i386: Replace magic number with field length calculation

 hw/i386/pc_sysfw_ovmf.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)


base-commit: 477c3b934a47adf7de285863f59d6e4503dd1a6d
-- 
2.25.1