spapr: sanity check size of the CAS buffer
The CAS buffer is provided by SLOF. A broken SLOF could pass a silly size: either smaller than the diff header, in which case the current code will try to allocate 16 Exabytes of memory and g_malloc0() will abort, or bigger than the maximum memory provisioned for SLOF (ie, 40 Megabytes), which doesn't make sense. Both cases indicate that SLOF has a bug. Let's print out an explicit error message and exit since rebooting as we do with other errors would only result in a reset loop. Signed-off-by: Greg Kurz <groug@kaod.org> [dwg: Fix format specifier that broke 32-bit builds] Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
This commit is contained in:
parent
dc1b5eee86
commit
827b17c468
@ -819,6 +819,13 @@ int spapr_h_cas_compose_response(sPAPRMachineState *spapr,
|
||||
return 1;
|
||||
}
|
||||
|
||||
if (size < sizeof(hdr) || size > FW_MAX_SIZE) {
|
||||
error_report("SLOF provided an unexpected CAS buffer size "
|
||||
TARGET_FMT_lu " (min: %zu, max: %u)",
|
||||
size, sizeof(hdr), FW_MAX_SIZE);
|
||||
exit(EXIT_FAILURE);
|
||||
}
|
||||
|
||||
size -= sizeof(hdr);
|
||||
|
||||
/* Create skeleton */
|
||||
|
Loading…
Reference in New Issue
Block a user