WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-changelog

[Xen-changelog] [xen-unstable] hvmloader: Fix parsing Etherboot roms to

To: xen-changelog@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-changelog] [xen-unstable] hvmloader: Fix parsing Etherboot roms to avoid an infinite loop.
From: Xen patchbot-unstable <patchbot-unstable@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 09 Apr 2008 06:50:19 -0700
Delivery-date: Wed, 09 Apr 2008 06:50:28 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-changelog-request@lists.xensource.com?subject=help>
List-id: BK change log <xen-changelog.lists.xensource.com>
List-post: <mailto:xen-changelog@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-changelog>, <mailto:xen-changelog-request@lists.xensource.com?subject=unsubscribe>
Reply-to: xen-devel@xxxxxxxxxxxxxxxxxxx
Sender: xen-changelog-bounces@xxxxxxxxxxxxxxxxxxx
# HG changeset patch
# User Keir Fraser <keir.fraser@xxxxxxxxxx>
# Date 1207745554 -3600
# Node ID 13cc6b2b8b61769cbeea4f0d10975f5d8bb5676a
# Parent  a8ce3e934abd5d9979566186c7618d4c9f8d7db3
hvmloader: Fix parsing Etherboot roms to avoid an infinite loop.

Signed-off-by: Yosuke Iwamatsu <y-iwamatsu@xxxxxxxxxxxxx>
Signed-off-by: Keir Fraser <keir.fraser@xxxxxxxxxx>
---
 tools/firmware/hvmloader/hvmloader.c |   37 +++++++++++++++++------------------
 1 files changed, 19 insertions(+), 18 deletions(-)

diff -r a8ce3e934abd -r 13cc6b2b8b61 tools/firmware/hvmloader/hvmloader.c
--- a/tools/firmware/hvmloader/hvmloader.c      Wed Apr 09 13:35:44 2008 +0100
+++ b/tools/firmware/hvmloader/hvmloader.c      Wed Apr 09 13:52:34 2008 +0100
@@ -374,30 +374,31 @@ static int scan_etherboot_nic(void *copy
             /* Check the PCI PnP header (if any) for a match. */
             pcih = (struct option_rom_pci_header *)
                 ((char *)rom + rom->pci_header_offset);
-            if ( (rom->pci_header_offset == 0) ||
-                 strncmp(pcih->signature, "PCIR", 4) ||
-                 (pcih->vendor_id != vendor_id) ||
-                 (pcih->device_id != device_id) )
-                continue;
-
-            /* Find the PnP expansion header (if any). */
-            pnph = ((rom->expansion_header_offset != 0)
-                    ? ((struct option_rom_pnp_header *)
-                       ((char *)rom + rom->expansion_header_offset))
-                    : ((struct option_rom_pnp_header *)NULL));
-            while ( (pnph != NULL) && strncmp(pnph->signature, "$PnP", 4) )
-                pnph = ((pnph->next_header_offset != 0)
-                        ? ((struct option_rom_pnp_header *)
-                           ((char *)rom + pnph->next_header_offset))
-                        : ((struct option_rom_pnp_header *)NULL));
-
-            goto found;
+            if ( (rom->pci_header_offset != 0) &&
+                 !strncmp(pcih->signature, "PCIR", 4) &&
+                 (pcih->vendor_id == vendor_id) &&
+                 (pcih->device_id == device_id) )
+                goto found;
+
+            rom = (struct option_rom_header *)
+                ((char *)rom + rom->rom_size * 512);
         }
     }
 
     return 0;
 
  found:
+    /* Find the PnP expansion header (if any). */
+    pnph = ((rom->expansion_header_offset != 0)
+            ? ((struct option_rom_pnp_header *)
+               ((char *)rom + rom->expansion_header_offset))
+            : ((struct option_rom_pnp_header *)NULL));
+    while ( (pnph != NULL) && strncmp(pnph->signature, "$PnP", 4) )
+        pnph = ((pnph->next_header_offset != 0)
+                ? ((struct option_rom_pnp_header *)
+                   ((char *)rom + pnph->next_header_offset))
+                : ((struct option_rom_pnp_header *)NULL));
+
     printf("Loading PXE ROM ...\n");
     if ( (pnph != NULL) && (pnph->manufacturer_name_offset != 0) )
         printf(" - Manufacturer: %s\n",

_______________________________________________
Xen-changelog mailing list
Xen-changelog@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-changelog

<Prev in Thread] Current Thread [Next in Thread>
  • [Xen-changelog] [xen-unstable] hvmloader: Fix parsing Etherboot roms to avoid an infinite loop., Xen patchbot-unstable <=