yeahuh / rpms / qemu-kvm

Forked from rpms/qemu-kvm 2 years ago
Clone
218e99
From 502442eae625ab550ec2f3b7cb4086f84b6fdb73 Mon Sep 17 00:00:00 2001
218e99
From: Markus Armbruster <armbru@redhat.com>
218e99
Date: Wed, 18 Sep 2013 09:31:09 +0200
218e99
Subject: [PATCH 25/29] pc_sysfw: Fix ISA BIOS init for ridiculously big flash
218e99
218e99
RH-Author: Markus Armbruster <armbru@redhat.com>
218e99
Message-id: <1379496669-22778-9-git-send-email-armbru@redhat.com>
218e99
Patchwork-id: 54427
218e99
O-Subject: [PATCH 7.0 qemu-kvm 8/8] pc_sysfw: Fix ISA BIOS init for ridiculously big flash
218e99
Bugzilla: 1009328
218e99
RH-Acked-by: Paolo Bonzini <pbonzini@redhat.com>
218e99
RH-Acked-by: Laszlo Ersek <lersek@redhat.com>
218e99
RH-Acked-by: Miroslav Rezanina <mrezanin@redhat.com>
218e99
218e99
From: Markus Armbruster <armbru@redhat.com>
218e99
218e99
pc_isa_bios_init() suffers integer overflow for flash larger than
218e99
INT_MAX.
218e99
218e99
Signed-off-by: Markus Armbruster <armbru@redhat.com>
218e99
Acked-by: Laszlo Ersek <lersek@redhat.com>
218e99
Acked-by: Stefano Stabellini <stefano.stabellini@eu.citrix.com>
218e99
Acked-by: Christian Borntraeger <borntraeger@de.ibm.com>
218e99
Message-id: 1375276272-15988-9-git-send-email-armbru@redhat.com
218e99
Signed-off-by: Anthony Liguori <anthony@codemonkey.ws>
218e99
(cherry picked from commit 7f87af39dc786a979e7ebba338d0781e366060ed)
218e99
---
218e99
 hw/block/pc_sysfw.c | 5 +----
218e99
 1 file changed, 1 insertion(+), 4 deletions(-)
218e99
218e99
Signed-off-by: Miroslav Rezanina <mrezanin@redhat.com>
218e99
---
218e99
 hw/block/pc_sysfw.c |    5 +----
218e99
 1 files changed, 1 insertions(+), 4 deletions(-)
218e99
218e99
diff --git a/hw/block/pc_sysfw.c b/hw/block/pc_sysfw.c
218e99
index 2bbedc9..4e3e6b6 100644
218e99
--- a/hw/block/pc_sysfw.c
218e99
+++ b/hw/block/pc_sysfw.c
218e99
@@ -54,10 +54,7 @@ static void pc_isa_bios_init(MemoryRegion *rom_memory,
218e99
     flash_size = memory_region_size(flash_mem);
218e99
 
218e99
     /* map the last 128KB of the BIOS in ISA space */
218e99
-    isa_bios_size = flash_size;
218e99
-    if (isa_bios_size > (128 * 1024)) {
218e99
-        isa_bios_size = 128 * 1024;
218e99
-    }
218e99
+    isa_bios_size = MIN(flash_size, 128 * 1024);
218e99
     isa_bios = g_malloc(sizeof(*isa_bios));
218e99
     memory_region_init_ram(isa_bios, "isa-bios", isa_bios_size);
218e99
     vmstate_register_ram_global(isa_bios);
218e99
-- 
218e99
1.7.1
218e99