When calculating the size of the buffer required for the VBE state,
round up rather than truncating when dividing the number of bytes to get
the number of 64-byte blocks. Without this modification, the save state
function will write past the end of a buffer of the size requested.
Signed-off-by: Daniel Verkamp <daniel@drv.nu>
---
vgasrc/vbe.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vgasrc/vbe.c b/vgasrc/vbe.c
index 66afb011..1a0948cf 100644
--- a/vgasrc/vbe.c
+++ b/vgasrc/vbe.c
@@ -242,7 +242,7 @@ vbe_104f04(struct bregs *regs)
if (ret < 0)
goto fail;
if (cmd == 0)
- regs->bx = ret / 64;
+ regs->bx = DIV_ROUND_UP(ret, 64);
regs->ax = 0x004f;
return;
fail:
--
2.43.0
_______________________________________________
SeaBIOS mailing list -- seabios@seabios.org
To unsubscribe send an email to seabios-leave@seabios.org
On Sun, Mar 10, 2024 at 09:19:55PM -0700, Daniel Verkamp wrote: > When calculating the size of the buffer required for the VBE state, > round up rather than truncating when dividing the number of bytes to get > the number of 64-byte blocks. Without this modification, the save state > function will write past the end of a buffer of the size requested. Good catch. Wouldn't handle_101c() also need the same change? Thanks. -Kevin > > Signed-off-by: Daniel Verkamp <daniel@drv.nu> > --- > vgasrc/vbe.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/vgasrc/vbe.c b/vgasrc/vbe.c > index 66afb011..1a0948cf 100644 > --- a/vgasrc/vbe.c > +++ b/vgasrc/vbe.c > @@ -242,7 +242,7 @@ vbe_104f04(struct bregs *regs) > if (ret < 0) > goto fail; > if (cmd == 0) > - regs->bx = ret / 64; > + regs->bx = DIV_ROUND_UP(ret, 64); > regs->ax = 0x004f; > return; > fail: > -- > 2.43.0 > > _______________________________________________ > SeaBIOS mailing list -- seabios@seabios.org > To unsubscribe send an email to seabios-leave@seabios.org _______________________________________________ SeaBIOS mailing list -- seabios@seabios.org To unsubscribe send an email to seabios-leave@seabios.org
On 11/3/24 05:19, Daniel Verkamp wrote: > When calculating the size of the buffer required for the VBE state, > round up rather than truncating when dividing the number of bytes to get > the number of 64-byte blocks. Without this modification, the save state > function will write past the end of a buffer of the size requested. > > Signed-off-by: Daniel Verkamp <daniel@drv.nu> > --- > vgasrc/vbe.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> _______________________________________________ SeaBIOS mailing list -- seabios@seabios.org To unsubscribe send an email to seabios-leave@seabios.org
© 2016 - 2024 Red Hat, Inc.