authorPeter Maydell <peter.maydell@linaro.org>2017-09-19 15:44:07 +0100
committerPeter Maydell <peter.maydell@linaro.org>2017-09-19 15:44:07 +0100
commit7ec6a364916c0d1eba01128481e503a550a2b466 (patch)
treeb88db8c6396c5e4ae6560da723e726729cc0e42c /hw/i386/multiboot.c
parent11e06ce1ed28fd0ffcbc1e2436b72f3412b4ecc8 (diff)
parent7437866bfc3b25663f415a8c660fd78360e84598 (diff)
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* warning improvements (Alistair) * KVM code cleanup (David) * scsi-block support for rerror/werror (Fam) * support for >64 vCPUs in Windows (Gonglei) * SCSI fix (Hannes) * SSE bugfixes (Joseph) * SmartOS compilation fixes (Kamil) * Hyper-V frequency MSR support (Ladi) * move more files to accel/tcg (Philippe, Thomas) * multiboot validation (PJP) * virtqueue size configuration for virtio-scsi (Richard) * Hyper-V header cleanup (Roman) * Maintainer email update (Guangrong) * checkpatch.pl --branch (Daniel), fixes (Greg) * introducing scsi/ (me) # gpg: Signature made Tue 19 Sep 2017 15:21:26 BST # gpg: using RSA key 0xBFFBD25F78C7AE83 # gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>" # gpg: aka "Paolo Bonzini <pbonzini@redhat.com>" # Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1 # Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83 * remotes/bonzini/tags/for-upstream: (51 commits) docker: fix creation of archives default-configs: Replace $(and ...) with $(call land, ...) osdep.h: Prohibit disabling assert() in supported builds checkpatch: add hwaddr to @typeList accel/hax: move hax-stub.c to accel/stubs/ target/i386: fix "info mem" for LA57 mode scripts: let checkpatch.pl process an entire GIT branch update-linux-headers: prepare for hyperv.h removal hyperv: add header with protocol definitions i386/cpu/hyperv: support over 64 vcpus for windows guests Convert remaining single line fprintf() to warn_report() Makefile: Remove libqemustub.a ptimer-test: do not link to libqemustub.a/libqemuutil.a target/mips: Convert VM clock update prints to warn_report General warn report fixups Convert multi-line fprintf() to warn_report() Convert single line fprintf(.../n) to warn_report() Convert remaining error_report() to warn_report() hw/i386: Improve some of the warning messages test-qga: add missing qemu-ga tool dependency ... Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'hw/i386/multiboot.c')
-rw-r--r--hw/i386/multiboot.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/hw/i386/multiboot.c b/hw/i386/multiboot.c
index 6001f4c..c7b70c9 100644
--- a/hw/i386/multiboot.c
+++ b/hw/i386/multiboot.c
@@ -221,15 +221,34 @@ int load_multiboot(FWCfgState *fw_cfg,
uint32_t mh_header_addr = ldl_p(header+i+12);
uint32_t mh_load_end_addr = ldl_p(header+i+20);
uint32_t mh_bss_end_addr = ldl_p(header+i+24);
+
mh_load_addr = ldl_p(header+i+16);
+ if (mh_header_addr < mh_load_addr) {
+ fprintf(stderr, "invalid mh_load_addr address\n");
+ exit(1);
+ }
+
uint32_t mb_kernel_text_offset = i - (mh_header_addr - mh_load_addr);
uint32_t mb_load_size = 0;
mh_entry_addr = ldl_p(header+i+28);
if (mh_load_end_addr) {
+ if (mh_bss_end_addr < mh_load_addr) {
+ fprintf(stderr, "invalid mh_bss_end_addr address\n");
+ exit(1);
+ }
mb_kernel_size = mh_bss_end_addr - mh_load_addr;
+
+ if (mh_load_end_addr < mh_load_addr) {
+ fprintf(stderr, "invalid mh_load_end_addr address\n");
+ exit(1);
+ }
mb_load_size = mh_load_end_addr - mh_load_addr;
} else {
+ if (kernel_file_size < mb_kernel_text_offset) {
+ fprintf(stderr, "invalid kernel_file_size\n");
+ exit(1);
+ }
mb_kernel_size = kernel_file_size - mb_kernel_text_offset;
mb_load_size = mb_kernel_size;
}
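Review bot: The new `mh_header_addr < mh_load_addr` guard still lets `mb_kernel_text_offset = i - (mh_header_addr - mh_load_addr)` wrap, because nothing checks that the difference is no larger than `i`; the unsigned result then becomes a very large offset. The `else` branch happens to catch this through `kernel_file_size < mb_kernel_text_offset`, but the `mh_load_end_addr` branch never compares the offset or `mb_load_size` with the file size inside this hunk. I would add `if (mh_header_addr - mh_load_addr > i) { fprintf(stderr, "invalid mh_header_addr address\n"); exit(1); }` directly after the first check. It would also be worth rejecting `mh_load_end_addr > mh_bss_end_addr`, so that `mb_load_size` cannot exceed `mb_kernel_size`; presumably both sizes feed an allocation and copy further down, which is not visible here. The body of load_multiboot starts and ends outside the hunk.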