AcpiCpuHotplug_add() can't handle vCPU arch IDs larger than
ACPI_CPU_HOTPLUG_ID_LIMIT. Instead of corrupting memory in case the vCPU
ID is too large, use g_assert() to ensure we are not over the limit.
Signed-off-by: Eduardo Habkost <ehabk...@redhat.com>
Reviewed-by: Laszlo Ersek <ler...@redhat.com>
---
hw/acpi/cpu_hotplug.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/hw/acpi/cpu_hotplug.c b/hw/acpi/cpu_hotplug.c
index 48928dc..2ad83a0 100644
--- a/hw/acpi/cpu_hotplug.c
+++ b/hw/acpi/cpu_hotplug.c
@@ -43,6 +43,7 @@ void AcpiCpuHotplug_add(ACPIGPE *gpe, AcpiCpuHotplug *g,
CPUState *cpu)
*gpe->sts = *gpe->sts | ACPI_CPU_HOTPLUG_STATUS;
cpu_id = k->get_arch_id(CPU(cpu));
+ g_assert((cpu_id / 8) < ACPI_GPE_PROC_LEN);
g->sts[cpu_id / 8] |= (1 << (cpu_id % 8));
}
--
1.8.5.3
