diff options
author | Eduardo Habkost <ehabkost@redhat.com> | 2014-03-14 16:33:52 -0300 |
---|---|---|
committer | Michael S. Tsirkin <mst@redhat.com> | 2014-03-18 16:08:43 +0200 |
commit | 39ee3af3a85fedb55b9eeb1a0bc81a2460eeaa01 (patch) | |
tree | d98a5707aadaf29780a7d9baf676279e086bab5a /hw | |
parent | 5ff020b7b02dce36a66c106df986ff68f8452542 (diff) | |
download | qemu-39ee3af3a85fedb55b9eeb1a0bc81a2460eeaa01.zip qemu-39ee3af3a85fedb55b9eeb1a0bc81a2460eeaa01.tar.gz qemu-39ee3af3a85fedb55b9eeb1a0bc81a2460eeaa01.tar.bz2 |
acpi: Assert sts array limit on AcpiCpuHotplug_add()
AcpiCpuHotplug_add() can't handle vCPU arch IDs larger than
ACPI_CPU_HOTPLUG_ID_LIMIT. Instead of corrupting memory in case the vCPU
ID is too large, use g_assert() to ensure we are not over the limit.
Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
Diffstat (limited to 'hw')
-rw-r--r-- | hw/acpi/cpu_hotplug.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/hw/acpi/cpu_hotplug.c b/hw/acpi/cpu_hotplug.c index 48928dc..2ad83a0 100644 --- a/hw/acpi/cpu_hotplug.c +++ b/hw/acpi/cpu_hotplug.c @@ -43,6 +43,7 @@ void AcpiCpuHotplug_add(ACPIGPE *gpe, AcpiCpuHotplug *g, CPUState *cpu) *gpe->sts = *gpe->sts | ACPI_CPU_HOTPLUG_STATUS; cpu_id = k->get_arch_id(CPU(cpu)); + g_assert((cpu_id / 8) < ACPI_GPE_PROC_LEN); g->sts[cpu_id / 8] |= (1 << (cpu_id % 8)); } |