John Zhao has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/33051 )
Change subject: src/arch/x86: Prevent attack on null pointer dereference
......................................................................
Patch Set 3:
(2 comments)
https://review.coreboot.org/c/coreboot/+/33051/3/src/arch/x86/acpi.c
File src/arch/x86/acpi.c:
https://review.coreboot.org/c/coreboot/+/33051/3/src/arch/x86/acpi.c@219
PS3, Line 219: memset((void *)madt, 0, sizeof(acpi_madt_t));
IMHO one should have tested for madt!=NULL before this line. […]
Alternatively header!=NULL check could be moved before memset to guard null pointer dereference.
https://review.coreboot.org/c/coreboot/+/33051/3/src/arch/x86/acpi.c@225
PS3, Line 225: memcpy(header->signature, "APIC", 4);
I am guessing analyzer complained on this line only? The signature is the first field of hearder, so […]
yes, it only complains on this line.
--
To view, visit
https://review.coreboot.org/c/coreboot/+/33051
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I7027b7cae3009a5481048bfa0536a6cbd9bef683
Gerrit-Change-Number: 33051
Gerrit-PatchSet: 3
Gerrit-Owner: John Zhao
john.zhao@intel.com
Gerrit-Reviewer: Balaji Manigandan
balaji.manigandan@intel.com
Gerrit-Reviewer: Felix Held
felix-coreboot@felixheld.de
Gerrit-Reviewer: John Zhao
john.zhao@intel.com
Gerrit-Reviewer: Lance Zhao
lance.zhao@gmail.com
Gerrit-Reviewer: Martin Roth
martinroth@google.com
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-CC: John Zhao
john.zhao@intel.corp-partner.google.com
Gerrit-CC: Kyösti Mälkki
kyosti.malkki@gmail.com
Gerrit-Comment-Date: Mon, 08 Jul 2019 19:42:34 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Kyösti Mälkki
kyosti.malkki@gmail.com
Gerrit-MessageType: comment
