PARSER_PARAMS (MadtInterruptControllerHeaderParser)\r
);\r
\r
- if (((Offset + (*MadtInterruptControllerLength)) > AcpiTableLength) ||\r
- (*MadtInterruptControllerLength < 4)) {\r
+ // Make sure forward progress is made.\r
+ if (*MadtInterruptControllerLength < 2) {\r
IncrementErrorCount ();\r
Print (\r
- L"ERROR: Invalid Interrupt Controller Length,"\r
- L" Type = %d, Length = %d\n",\r
- *MadtInterruptControllerType,\r
- *MadtInterruptControllerLength\r
- );\r
- break;\r
+ L"ERROR: Structure length is too small: " \\r
+ L"MadtInterruptControllerLength = %d. " \\r
+ L"MadtInterruptControllerType = %d. MADT parsing aborted.\n",\r
+ *MadtInterruptControllerLength,\r
+ *MadtInterruptControllerType\r
+ );\r
+ return;\r
+ }\r
+\r
+ // Make sure the MADT structure lies inside the table\r
+ if ((Offset + *MadtInterruptControllerLength) > AcpiTableLength) {\r
+ IncrementErrorCount ();\r
+ Print (\r
+ L"ERROR: Invalid MADT structure length. " \\r
+ L"MadtInterruptControllerLength = %d. " \\r
+ L"RemainingTableBufferLength = %d. MADT parsing aborted.\n",\r
+ *MadtInterruptControllerLength,\r
+ AcpiTableLength - Offset\r
+ );\r
+ return;\r
}\r
\r
switch (*MadtInterruptControllerType) {\r
projects / mirror_edk2.git / commitdiff