Espen Skoglund
2008-Apr-02 16:58 UTC
[Xen-devel] [PATCH] Make ACPI DMAR parsing more robust
Parsing ACPI related VT-d tables may cause infinite loop due to u8 value wraparound. Also add sanity check on table length entry. eSk Signed-off-by: Espen Skoglund <espen.skoglund@netronome.com> _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Keir Fraser
2008-Apr-03 10:21 UTC
Re: [Xen-devel] [PATCH] Make ACPI DMAR parsing more robust
Regarding the table length sanity check -- depth is set to the number of acp_pci_path structures in the table. But then we only follow the path to depth-1. Is that correct? Also I changed the test to ''--depth >= 0'' which is equivalent and a bit easier to read imo. -- Keir On 2/4/08 17:58, "Espen Skoglund" <espen.skoglund@netronome.com> wrote:> Parsing ACPI related VT-d tables may cause infinite loop due to u8 > value wraparound. Also add sanity check on table length entry. > > eSk > > > Signed-off-by: Espen Skoglund <espen.skoglund@netronome.com> > > _______________________________________________ > Xen-devel mailing list > Xen-devel@lists.xensource.com > http://lists.xensource.com/xen-devel_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel
Espen Skoglund
2008-Apr-03 10:32 UTC
Re: [Xen-devel] [PATCH] Make ACPI DMAR parsing more robust
Right. Depth *should* always be >= 1, but from my experience one can not always trust the info in the tables to be correct. Better be on the safe side. eSk [Keir Fraser]> Regarding the table length sanity check -- depth is set to the > number of acp_pci_path structures in the table. But then we only > follow the path to depth-1. Is that correct?> Also I changed the test to ''--depth >= 0'' which is equivalent and a > bit easier to read imo.> -- Keir> On 2/4/08 17:58, "Espen Skoglund" <espen.skoglund@netronome.com> wrote:>> Parsing ACPI related VT-d tables may cause infinite loop due to u8 >> value wraparound. Also add sanity check on table length entry. >> >> eSk >> >> >> Signed-off-by: Espen Skoglund <espen.skoglund@netronome.com> >> >> _______________________________________________ >> Xen-devel mailing list >> Xen-devel@lists.xensource.com >> http://lists.xensource.com/xen-devel_______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel