MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-08-21 16:31:14 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
v6.6.100
linux-yocto/include/acpi
History
Ahmed Salem 30e11a8cff ACPICA: Avoid sequence overread in call to strncmp() 
[ Upstream commit 64b9dfd077 ]

ACPICA commit 8b83a8d88dfec59ea147fad35fc6deea8859c58c

ap_get_table_length() checks if tables are valid by
calling ap_is_valid_header(). The latter then calls
ACPI_VALIDATE_RSDP_SIG(Table->Signature).

ap_is_valid_header() accepts struct acpi_table_header as an argument, so
the signature size is always fixed to 4 bytes.

The problem is when the string comparison is between ACPI-defined table
signature and ACPI_SIG_RSDP. Common ACPI table header specifies the
Signature field to be 4 bytes long[1], with the exception of the RSDP
structure whose signature is 8 bytes long "RSD PTR " (including the
trailing blank character)[2]. Calling strncmp(sig, rsdp_sig, 8) would
then result in a sequence overread[3] as sig would be smaller (4 bytes)
than the specified bound (8 bytes).

As a workaround, pass the bound conditionally based on the size of the
signature being passed.

Link: https://uefi.org/specs/ACPI/6.5_A/05_ACPI_Software_Programming_Model.html#system-description-table-header [1]
Link: https://uefi.org/specs/ACPI/6.5_A/05_ACPI_Software_Programming_Model.html#root-system-description-pointer-rsdp-structure [2]
Link: https://gcc.gnu.org/onlinedocs/gcc/Warning-Options.html#index-Wstringop-overread [3]
Link: https://github.com/acpica/acpica/commit/8b83a8d8
Signed-off-by: Ahmed Salem <x0rw3ll@gmail.com>
Signed-off-by: Rafael J. Wysocki <rafael.j.wysocki@intel.com>
Link: https://patch.msgid.link/2248233.Mh6RI2rZIc@rjwysocki.net
Signed-off-by: Sasha Levin <sashal@kernel.org>
2025-06-27 11:08:52 +01:00
..
platform ACPICA: fix for conflict macro definition on zephyr interface 2023-07-10 15:21:04 +02:00
acbuffer.h ACPICA: Update all copyrights/signons to 2023 2023-04-06 20:29:11 +02:00
acconfig.h ACPICA: Update all copyrights/signons to 2023 2023-04-06 20:29:11 +02:00
acexcep.h ACPICA: Update all copyrights/signons to 2023 2023-04-06 20:29:11 +02:00
acnames.h ACPICA: Detect GED device and keep track of _EVT 2023-07-10 18:33:47 +02:00
acoutput.h ACPICA: Update all copyrights/signons to 2023 2023-04-06 20:29:11 +02:00
acpi_bus.h ACPI: x86: Move acpi_quirk_skip_serdev_enumeration() out of CONFIG_X86_ANDROID_TABLETS 2024-04-13 13:07:31 +02:00
acpi_drivers.h ACPI: platform: Move SMB0001 HID to the header and reuse 2023-07-04 19:28:20 +02:00
acpi_io.h Revert "ACPI: Add memory semantics to acpi_os_map_memory()" 2021-09-23 20:39:36 +02:00
acpi_lpat.h
acpi_numa.h ACPI: processor: Replace kernel.h with the necessary inclusions 2021-11-24 17:44:04 +01:00
acpi.h ACPICA: Update all copyrights/signons to 2023 2023-04-06 20:29:11 +02:00
acpiosxf.h ACPICA: Update all copyrights/signons to 2023 2023-04-06 20:29:11 +02:00
acpixf.h LoongArch: Fix warnings during S3 suspend 2025-02-08 09:52:27 +01:00
acrestyp.h ACPICA: acpi_resource_irq: Replace 1-element arrays with flexible array 2023-04-06 20:29:12 +02:00
actbl.h ACPI: CPPC: Add definition for undefined FADT preferred PM profile value 2023-06-21 18:44:56 +02:00
actbl1.h ACPICA: Fix misspelled CDAT DSMAS define 2023-07-10 18:49:16 +02:00
actbl2.h ACPICA: RHCT: Add flags, CMO and MMU nodes 2023-07-10 18:49:16 +02:00
actbl3.h ACPICA: Add a define for size of struct acpi_srat_generic_affinity device_handle 2023-07-10 18:49:16 +02:00
actypes.h ACPICA: Avoid sequence overread in call to strncmp() 2025-06-27 11:08:52 +01:00
acuuid.h ACPICA: Update all copyrights/signons to 2023 2023-04-06 20:29:11 +02:00
apei.h ACPI: APEI: Fix missing ERST record id 2022-04-13 20:29:24 +02:00
battery.h ACPI: battery: Pass battery hook pointer to hook callbacks 2022-11-16 08:48:18 +01:00
button.h
cppc_acpi.h ACPI: CPPC: Make rmw_lock a raw_spin_lock 2024-11-08 16:28:20 +01:00
ghes.h ACPI: APEI: Fix AER info corruption when error status data has multiple sections 2023-11-28 17:19:37 +00:00
hed.h
nfit.h
pcc.h mailbox: pcc: Check before sending MCTP PCC response ACK 2025-01-09 13:31:45 +01:00
proc_cap_intel.h ACPI: processor: Introduce acpi_processor_osc() 2023-07-14 17:59:40 +02:00
processor.h cpu-hotplug: Provide prototypes for arch CPU registration 2023-10-11 14:27:37 +02:00
reboot.h
video.h ACPI: video: Remove register_backlight_delay module option and code 2023-04-11 20:55:46 +02:00