Date: Mon, 9 Jul 2012 09:38:53 +0000 (UTC) From: Takanori Watanabe <takawata@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r238288 - head/usr.sbin/acpi/acpidump Message-ID: <201207090938.q699cra0008391@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: takawata Date: Mon Jul 9 09:38:53 2012 New Revision: 238288 URL: http://svn.freebsd.org/changeset/base/238288 Log: Add range and table revision checking to avoid abend. PR:bin/169707 Submitted by:Dan Lukes <dan@obluda.cz> MFC after:3 days. Modified: head/usr.sbin/acpi/acpidump/acpi.c Modified: head/usr.sbin/acpi/acpidump/acpi.c ============================================================================== --- head/usr.sbin/acpi/acpidump/acpi.c Mon Jul 9 09:24:46 2012 (r238287) +++ head/usr.sbin/acpi/acpidump/acpi.c Mon Jul 9 09:38:53 2012 (r238288) @@ -654,16 +654,24 @@ acpi_handle_tcpa(ACPI_TABLE_HEADER *sdp) printf(END_COMMENT); return; } + if(sdp->Revision == 1){ + printf("\tOLD TCPA spec log found. Dumping not supported.\n"); + printf(END_COMMENT); + return; + } vaddr = (unsigned char *)acpi_map_physical(paddr, len); vend = vaddr + len; while (vaddr != NULL) { - if (vaddr + sizeof(struct TCPAevent) >= vend) + if ((vaddr + sizeof(struct TCPAevent) >= vend)|| + (vaddr + sizeof(struct TCPAevent) < vaddr)) break; event = (struct TCPAevent *)(void *)vaddr; if (vaddr + event->event_size >= vend) break; + if (vaddr + event->event_size < vaddr) + break; if (event->event_type == 0 && event->event_size == 0) break; #if 0
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201207090938.q699cra0008391>