:: commit 6a2d7ddfcf3f853149d1a95112f78e3bde67d47c
sys/lapic: Validate MADT I/O APIC entry length
diff --git a/common/sys/lapic.c b/common/sys/lapic.c
index 5820bdbc..39c688c3 100644
--- a/common/sys/lapic.c
+++ b/common/sys/lapic.c
@@ -114,6 +114,8 @@ void init_io_apics(void) {
}
switch (*madt_ptr) {
case 1: {
+ if (*(madt_ptr + 1) < sizeof(struct madt_io_apic))
+ continue;
max_io_apics++;
continue;
}
@@ -131,6 +133,8 @@ void init_io_apics(void) {
}
switch (*madt_ptr) {
case 1: {
+ if (*(madt_ptr + 1) < sizeof(struct madt_io_apic))
+ continue;
io_apics[max_io_apics++] = (void *)madt_ptr;
continue;
}
