Zhenzhong Duan
2013-Aug-20 06:38 UTC
[PATCH v2] Minor change to avoid potential overflow accessing pci option roms
When scanning the pci option rom space, there is a possibility of accessing beyond OPTIONROM_PHYSICAL_END by 2K. This patch makes the code robust, though there are other checks such as the 0x55AA signature. Bug was found by code inspection.

v2: Add description per Konrad's suggestion, thanks.

Signed-off-by: Zhenzhong Duan <zhenzhong.duan@oracle.com>

--- tools/firmware/rombios/rombios.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/firmware/rombios/rombios.c b/tools/firmware/rombios/rombios.c index 057aced..f5ac33e 100644 --- a/tools/firmware/rombios/rombios.c +++ b/tools/firmware/rombios/rombios.c @@ -10648,7 +10648,7 @@ rom_scan_increment: add cx, ax pop ax ;; Restore AX cmp cx, ax - jbe rom_scan_loop + jb rom_scan_loop xor ax, ax ;; Restore DS back to 0000: mov ds, ax @@ -11022,7 +11022,7 @@ post_default_ints: call post_init_pic mov cx, #0xc000 ;; init vga bios - mov ax, #0xc780 + mov ax, #0xc800 call rom_scan call _print_bios_banner -- 1.7.3
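
Review bot: at `cmp cx, ax` / `jb rom_scan_loop` in the rom_scan_increment hunk, the end value passed in AX becomes exclusive for every caller of rom_scan, yet the only call site adjusted in this diff is the VGA one in post_default_ints. The commit message names OPTIONROM_PHYSICAL_END, but the call that passes it is not among the visible lines, so it is worth stating in the description that this caller intentionally keeps its value under the new comparison. A comment at rom_scan saying that AX is the first segment that is not scanned would keep future callers from reintroducing an inclusive bound.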
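
Review bot: at `mov ax, #0xc800` in the post_default_ints hunk, the new literal covers the same range as the old `#0xc780` with `jbe` only if CX always advances from 0xc000 in multiples of 0x80 paragraphs (2K), and the visible lines (`add cx, ax`) do not show how the step in AX is rounded. Please confirm that in the description, since otherwise this call now scans segments between 0xc780 and 0xc800 that it skipped before. A trailing comment marking the value as an exclusive end, or a named constant in the style of OPTIONROM_PHYSICAL_END from the commit message, would document the convention at the call site.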