git.proxmox.com Git - qemu.git/commit

author	Laszlo Ersek <lersek@redhat.com>
	Wed, 20 Mar 2013 23:23:18 +0000 (00:23 +0100)
committer	Anthony Liguori <aliguori@us.ibm.com>
	Fri, 5 Apr 2013 00:23:08 +0000 (19:23 -0500)
commit	e980f2bf0a39cb524259bb70084e0f75b92c8f39
tree	b0bb01da2fe03f5b55c8aec249cac1d6ffcb0537	tree
parent	0c764a9dfc0d480c21f325480aa2e69581841858	commit \| diff

acpi_table_add(): extract and reimplement internals

The new function acpi_table_install() installs any blob the caller passes
in. In the next patches this function will be promoted from helper role to
extern.

Reimplementing the logic should make it easier to understand. It also
removes a buffer overflow when

has_header &&
cumulative_file_size < ACPI_TABLE_HDR_SIZE - ACPI_TABLE_PFX_SIZE

(In that case the g_realloc() call in the read() loop used to shrink the
"acpi_tables" array, causing an out-of-bounds read access when copying the
header out of "acpi_tables".)

The new code isn't more daring alignment-wise than its predecessor:
"acpi_table_header" is packed, and the uint32_t fields are at offsets 6,
26, and 34.

Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Anthony Liguori <aliguori@us.ibm.com>
Message-id: 1363821803-3380-7-git-send-email-lersek@redhat.com
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>