The current code in grub_acpi_create_ebda() first computes the ebda pointer, then dereferences it, and then checks whether the ebda pointer was null. Several compilers (including gcc) will eliminate null pointer checks after the pointer has been dereferenced, on the assumption that the pointer could not be null, since it has already been dereferenced. The patch below ensures that ebda is dereferenced only if it is non-null.

Nickolai.

---

--- grub-core/commands/acpi.c   2013-01-15 12:02:35 +0000
+++ grub-core/commands/acpi.c   2013-03-04 04:00:58 +0000
@@ -171,7 +171,7 @@
   struct grub_acpi_create_ebda_ctx ctx = {
     .highestlow = 0
   };
-  int ebda_kb_len;
+  int ebda_kb_len = 0;
   int mmapregion = 0;
   grub_uint8_t *ebda, *v1inebda = 0, *v2inebda = 0;
   grub_uint8_t *targetebda, *target;
@@ -179,8 +179,9 @@
   struct grub_acpi_rsdp_v20 *v2;

   ebda = (grub_uint8_t *) (grub_addr_t) ((*((grub_uint16_t *)0x40e)) << 4);
-  ebda_kb_len = *(grub_uint16_t *) ebda;
-  if (! ebda || ebda_kb_len > 16)
+  if (ebda)
+    ebda_kb_len = *(grub_uint16_t *) ebda;
+  if (ebda_kb_len > 16)
     ebda_kb_len = 0;
   ctx.ebda_len = (ebda_kb_len + 1) << 10;
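Review bot: The new `if (ebda)` guard only excludes the case where the 16-bit word at 0x40e is zero; a nonzero segment value that points outside the region where an EBDA can plausibly live is still dereferenced, so an upper-bound check on `ebda` may be worth adding, though I cannot tell from this hunk whether later code in the function validates it. Since the statement order is now what keeps the check effective, a comment would help the next reader: `/* Read the EBDA length only after the NULL check: a compiler may drop a NULL check that follows a dereference. */`. It is also worth noting in that comment that, with the `= 0` initialisation from the first hunk, a missing EBDA leaves ebda_kb_len at 0 and ctx.ebda_len at 1 KiB, the same value an EBDA reporting length 0 produces. grub_acpi_create_ebda's body starts before and continues after this hunk.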


