# Pastebin RIsJHeKH
From b953e6a704aca58eb7f0f676fa851f1ae8b4114b Mon Sep 17 00:00:00 2001
From: Simon Glass
Date: Sun, 23 Jul 2023 15:09:19 -0600
Subject: [PATCH 08/12] x86: Correct copying of BIOS mode information

This is copying beyond the end of the destination buffer. Correct this by using a constant for the buffer size. This long-standing bug prevents virtio bootdevs working correctly on qemu-x86 at present.
Signed-off-by: Simon Glass
Fixes: 0ca2426beae ("x86: Add support for running option ROMs natively")
---
(no changes since v1)
 arch/x86/lib/bios.c | 2 +-
 include/vesa.h | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/arch/x86/lib/bios.c b/arch/x86/lib/bios.c
index e29cae78e50..3a9d7f5ddd4 100644
--- a/arch/x86/lib/bios.c
+++ b/arch/x86/lib/bios.c
@@ -204,7 +204,7 @@ static u8 vbe_get_mode_info(struct vesa_state *mi)
 realmode_interrupt(0x10, VESA_GET_MODE_INFO, 0x0000, mi->video_mode, 0x0000, buffer_seg, buffer_adr);
- memcpy(mi->mode_info_block, buffer, sizeof(struct vesa_state));
+ memcpy(mi->mode_info_block, buffer, VESA_MODE_INFO_SIZE);
 mi->valid = true;
 return 0;
diff --git a/include/vesa.h b/include/vesa.h
index 9285bfa921a..28828ab56aa 100644
--- a/include/vesa.h
+++ b/include/vesa.h
@@ -83,12 +83,14 @@ struct __packed vesa_mode_info {
 u8 reserved[206];
 };
+#define VESA_MODE_INFO_SIZE 256
+
 struct vesa_state {
 u16 video_mode;
 bool valid;
 union {
 struct vesa_mode_info vesa;
- u8 mode_info_block[256];
+ u8 mode_info_block[VESA_MODE_INFO_SIZE];
 };
 };
--
2.34.1
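Review bot: The length passed to the new `memcpy()` in vbe_get_mode_info() is still spelled separately from the destination it writes to; `memcpy(mi->mode_info_block, buffer, sizeof(mi->mode_info_block));` would bind the copy size to the array itself, so a later edit to the field cannot bring back the overflow this commit fixes. Separately, in the lines visible here `mi->valid = true` is set unconditionally right after `realmode_interrupt()`. If the BIOS call can fail, whatever was left in the real-mode buffer would be copied and marked valid; how the call reports status is not visible in this hunk, so that needs confirming against the rest of the function. The function body starts above the hunk.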
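Review bot: Nothing in include/vesa.h enforces that the two union members of `struct vesa_state` stay the same size, so the byte array that is filled and the `struct vesa_mode_info` through which it is read can drift apart silently. Assuming the packed struct is meant to be exactly one mode-info block, a compile-time check placed after the new macro would catch that: `_Static_assert(sizeof(struct vesa_mode_info) == VESA_MODE_INFO_SIZE, "vesa_mode_info size mismatch");`. The new `#define` also has no comment; a line such as `/* Size in bytes of the mode-information block copied from the BIOS buffer */` would tell the reader where 256 comes from.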