Patchwork [v3,for,1.6,8/8] pc_sysfw: Fix ISA BIOS init for ridiculously big flash

Submitter Markus Armbruster
Date July 31, 2013, 1:11 p.m.
Message ID <1375276272-15988-9-git-send-email-armbru@redhat.com>
Permalink /patch/263712/
State New

Comments

Markus Armbruster - July 31, 2013, 1:11 p.m.
pc_isa_bios_init() suffers integer overflow for flash larger than
INT_MAX.

Signed-off-by: Markus Armbruster <armbru@redhat.com>
---
 hw/block/pc_sysfw.c | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

Patch

diff --git a/hw/block/pc_sysfw.c b/hw/block/pc_sysfw.c
index 7db68f0..74a5364 100644
--- a/hw/block/pc_sysfw.c
+++ b/hw/block/pc_sysfw.c
@@ -54,10 +54,7 @@  static void pc_isa_bios_init(MemoryRegion *rom_memory,
     flash_size = memory_region_size(flash_mem);
 
     /* map the last 128KB of the BIOS in ISA space */
-    isa_bios_size = flash_size;
-    if (isa_bios_size > (128 * 1024)) {
-        isa_bios_size = 128 * 1024;
-    }
+    isa_bios_size = MIN(flash_size, 128 * 1024);
     isa_bios = g_malloc(sizeof(*isa_bios));
     memory_region_init_ram(isa_bios, NULL, "isa-bios", isa_bios_size);
     vmstate_register_ram_global(isa_bios);
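
Review bot: at the new `isa_bios_size = MIN(flash_size, 128 * 1024);` line, the fix only works if the comparison is evaluated in the type of flash_size before the result is narrowed into isa_bios_size, and neither declaration is visible in this hunk, nor does the commit message say which statement overflowed. Please spell out in the commit message that the removed `isa_bios_size = flash_size;` narrowed the value before the 128 KiB clamp was applied, so a reader can see why a one-line MIN() replacement is a behavioural fix and not just a cleanup. It would also help to confirm that the types of flash_size and isa_bios_size make the result (at most 128 * 1024) always representable, and that no other use of flash_size outside this hunk stores it in a narrower variable.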