Blob Blame History Raw
From d6987c081c5b0d1a2d9083b3d50fb78c63ab4904 Mon Sep 17 00:00:00 2001
From: Kay Sievers <kay@vrfy.org>
Date: Thu, 10 Oct 2013 01:38:11 +0200
Subject: [PATCH] do not accept "garbage" from acpi firmware performance data
 (FPDT)

00000000  46 42 50 54 38 00 00 00  02 00 30 02 00 00 00 00  |FBPT8.....0.....|
00000010  23 45 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |#E..............|
00000020  f5 6a 51 00 00 00 00 00  00 00 00 00 00 00 00 00  |.jQ.............|
00000030  00 00 00 00 00 00 00 00  70 74 61 6c 58 00 00 00  |........ptalX...|
---
 src/shared/acpi-fpdt.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/shared/acpi-fpdt.c b/src/shared/acpi-fpdt.c
index af58c7c..75648b4 100644
--- a/src/shared/acpi-fpdt.c
+++ b/src/shared/acpi-fpdt.c
@@ -146,6 +146,11 @@ int acpi_get_boot_usec(usec_t *loader_start, usec_t *loader_exit) {
         if (brec.type != ACPI_FPDT_BOOT_REC)
                 return -EINVAL;
 
+        if (brec.startup_start == 0 || brec.exit_services_exit < brec.startup_start)
+                return -EINVAL;
+        if (brec.exit_services_exit > NSEC_PER_HOUR)
+                return -EINVAL;
+
         if (loader_start)
                 *loader_start = brec.startup_start / 1000;
         if (loader_exit)