author | Peter Maydell <peter.maydell@linaro.org> | 2017-09-19 15:44:07 +0100 |
---|---|---|
committer | Peter Maydell <peter.maydell@linaro.org> | 2017-09-19 15:44:07 +0100 |
commit | 7ec6a364916c0d1eba01128481e503a550a2b466 (patch) | |
tree | b88db8c6396c5e4ae6560da723e726729cc0e42c /hw/i386/multiboot.c | |
parent | 11e06ce1ed28fd0ffcbc1e2436b72f3412b4ecc8 (diff) | |
parent | 7437866bfc3b25663f415a8c660fd78360e84598 (diff) | |
Merge remote-tracking branch 'remotes/bonzini/tags/for-upstream' into staging
* warning improvements (Alistair)
* KVM code cleanup (David)
* scsi-block support for rerror/werror (Fam)
* support for >64 vCPUs in Windows (Gonglei)
* SCSI fix (Hannes)
* SSE bugfixes (Joseph)
* SmartOS compilation fixes (Kamil)
* Hyper-V frequency MSR support (Ladi)
* move more files to accel/tcg (Philippe, Thomas)
* multiboot validation (PJP)
* virtqueue size configuration for virtio-scsi (Richard)
* Hyper-V header cleanup (Roman)
* Maintainer email update (Guangrong)
* checkpatch.pl --branch (Daniel), fixes (Greg)
* introducing scsi/ (me)
# gpg: Signature made Tue 19 Sep 2017 15:21:26 BST
# gpg: using RSA key 0xBFFBD25F78C7AE83
# gpg: Good signature from "Paolo Bonzini <bonzini@gnu.org>"
# gpg: aka "Paolo Bonzini <pbonzini@redhat.com>"
# Primary key fingerprint: 46F5 9FBD 57D6 12E7 BFD4 E2F7 7E15 100C CD36 69B1
# Subkey fingerprint: F133 3857 4B66 2389 866C 7682 BFFB D25F 78C7 AE83
* remotes/bonzini/tags/for-upstream: (51 commits)
docker: fix creation of archives
default-configs: Replace $(and ...) with $(call land, ...)
osdep.h: Prohibit disabling assert() in supported builds
checkpatch: add hwaddr to @typeList
accel/hax: move hax-stub.c to accel/stubs/
target/i386: fix "info mem" for LA57 mode
scripts: let checkpatch.pl process an entire GIT branch
update-linux-headers: prepare for hyperv.h removal
hyperv: add header with protocol definitions
i386/cpu/hyperv: support over 64 vcpus for windows guests
Convert remaining single line fprintf() to warn_report()
Makefile: Remove libqemustub.a
ptimer-test: do not link to libqemustub.a/libqemuutil.a
target/mips: Convert VM clock update prints to warn_report
General warn report fixups
Convert multi-line fprintf() to warn_report()
Convert single line fprintf(.../n) to warn_report()
Convert remaining error_report() to warn_report()
hw/i386: Improve some of the warning messages
test-qga: add missing qemu-ga tool dependency
...
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'hw/i386/multiboot.c')
-rw-r--r-- | hw/i386/multiboot.c | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/hw/i386/multiboot.c b/hw/i386/multiboot.c index 6001f4c..c7b70c9 100644 --- a/hw/i386/multiboot.c +++ b/hw/i386/multiboot.c @@ -221,15 +221,34 @@ int load_multiboot(FWCfgState *fw_cfg, uint32_t mh_header_addr = ldl_p(header+i+12); uint32_t mh_load_end_addr = ldl_p(header+i+20); uint32_t mh_bss_end_addr = ldl_p(header+i+24); + mh_load_addr = ldl_p(header+i+16); + if (mh_header_addr < mh_load_addr) { + fprintf(stderr, "invalid mh_load_addr address\n"); + exit(1); + } + uint32_t mb_kernel_text_offset = i - (mh_header_addr - mh_load_addr); uint32_t mb_load_size = 0; mh_entry_addr = ldl_p(header+i+28); if (mh_load_end_addr) { + if (mh_bss_end_addr < mh_load_addr) { + fprintf(stderr, "invalid mh_bss_end_addr address\n"); + exit(1); + } mb_kernel_size = mh_bss_end_addr - mh_load_addr; + + if (mh_load_end_addr < mh_load_addr) { + fprintf(stderr, "invalid mh_load_end_addr address\n"); + exit(1); + } mb_load_size = mh_load_end_addr - mh_load_addr; } else { + if (kernel_file_size < mb_kernel_text_offset) { + fprintf(stderr, "invalid kernel_file_size\n"); + exit(1); + } mb_kernel_size = kernel_file_size - mb_kernel_text_offset; mb_load_size = mb_kernel_size; } |
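Review bot: the new `mh_header_addr < mh_load_addr` check makes the inner subtraction safe, but the line right after it, `uint32_t mb_kernel_text_offset = i - (mh_header_addr - mh_load_addr);`, still wraps around when that difference is larger than `i`, and both header fields come straight from the image via `ldl_p()`. The wrapped offset is only compared against anything in the `else` branch (`kernel_file_size < mb_kernel_text_offset`); when `mh_load_end_addr` is non-zero, nothing in this hunk rejects it. Suggest rejecting `mh_header_addr - mh_load_addr > i` with its own message before computing the offset. In the `mh_load_end_addr` branch, the two added checks compare each end address against `mh_load_addr` but not against each other, so `mb_load_size` can come out larger than `mb_kernel_size`; if later code assumes the loaded part fits inside the kernel region, a `mh_load_end_addr > mh_bss_end_addr` check belongs here too. Minor style point: the assignment `mh_load_addr = ldl_p(header+i+16);` and its `if` now sit between declarations, so `mb_kernel_text_offset` and `mb_load_size` are declared after statements; moving the two declarations above the check and assigning the offset afterwards keeps declarations at the top of the block.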