Date: Mon, 14 Feb 2011 13:50:48 -0500 From: Jung-uk Kim <jkim@FreeBSD.org> To: John Baldwin <jhb@freebsd.org> Cc: svn-src-head@freebsd.org, Matthew D Fleming <mdf@freebsd.org>, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r218685 - head/sys/dev/acpica Message-ID: <201102141350.55218.jkim@FreeBSD.org> In-Reply-To: <201102141333.05054.jhb@freebsd.org> References: <201102141720.p1EHKKeU000451@svn.freebsd.org> <201102141333.05054.jhb@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Monday 14 February 2011 01:33 pm, John Baldwin wrote: > On Monday, February 14, 2011 12:20:20 pm Matthew D Fleming wrote: > > Author: mdf > > Date: Mon Feb 14 17:20:20 2011 > > New Revision: 218685 > > URL: http://svn.freebsd.org/changeset/base/218685 > > > > Log: > > Prevent reading from the ACPI_RESOURCE past its actual end. > > For paranoia limit to the size of the ACPI_RESOURCE as well. > > I think in practice that len would never be > > sizeof(ACPI_RESOURCE). > > You could probably get by with using a KASSERT() instead: > > KASSERT(res->Length <= sizeof(ACPI_RESOURCE), "resource too > large")); bcopy(res, req->acpi_res, res->Length); We should avoid sizeof(ACPI_RESOURCE). If you really have to know size of a specific resource type, there is a convenience macro, i.e., ACPI_RS_SIZE(type). Jung-uk Kim
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201102141350.55218.jkim>