From 3c7db22a194d3b53584047425af82b4e1e03d9f7 Mon Sep 17 00:00:00 2001 From: Bob Moore Date: Mon, 4 Aug 2008 11:13:01 +0800 Subject: [PATCH] ACPICA: Additional error checking for pathname utilities Add error check after all calls to acpi_ns_get_pathname_length. Add status return from acpi_ns_build_external_path and check after all calls. Add parameter validation to acpi_ut_initialize_buffer. Reported by and initial patch by Ingo Molnar. http://lkml.org/lkml/2008/7/21/176 Signed-off-by: Bob Moore Signed-off-by: Lin Ming Signed-off-by: Andi Kleen --- drivers/acpi/namespace/nsnames.c | 34 ++++++++++++++++++++----------- drivers/acpi/resources/rscalc.c | 3 +++ drivers/acpi/utilities/utalloc.c | 8 +++++--- drivers/acpi/utilities/utobject.c | 13 ++++++++---- include/acpi/acnamesp.h | 2 +- 5 files changed, 40 insertions(+), 20 deletions(-) diff --git a/drivers/acpi/namespace/nsnames.c b/drivers/acpi/namespace/nsnames.c index 549db42f16cf..bd5773878009 100644 --- a/drivers/acpi/namespace/nsnames.c +++ b/drivers/acpi/namespace/nsnames.c @@ -56,13 +56,14 @@ ACPI_MODULE_NAME("nsnames") * Size - Size of the pathname * *name_buffer - Where to return the pathname * - * RETURN: Places the pathname into the name_buffer, in external format + * RETURN: Status + * Places the pathname into the name_buffer, in external format * (name segments separated by path separators) * * DESCRIPTION: Generate a full pathaname * ******************************************************************************/ -void +acpi_status acpi_ns_build_external_path(struct acpi_namespace_node *node, acpi_size size, char *name_buffer) { @@ -77,7 +78,7 @@ acpi_ns_build_external_path(struct acpi_namespace_node *node, if (index < ACPI_NAME_SIZE) { name_buffer[0] = AML_ROOT_PREFIX; name_buffer[1] = 0; - return; + return (AE_OK); } /* Store terminator byte, then build name backwards */ @@ -105,11 +106,13 @@ acpi_ns_build_external_path(struct acpi_namespace_node *node, if (index != 0) { ACPI_ERROR((AE_INFO, - "Could not construct pathname; index=%X, size=%X, Path=%s", + "Could not construct external pathname; index=%X, size=%X, Path=%s", (u32) index, (u32) size, &name_buffer[size])); + + return (AE_BAD_PARAMETER); } - return; + return (AE_OK); } #ifdef ACPI_DEBUG_OUTPUT @@ -129,6 +132,7 @@ acpi_ns_build_external_path(struct acpi_namespace_node *node, char *acpi_ns_get_external_pathname(struct acpi_namespace_node *node) { + acpi_status status; char *name_buffer; acpi_size size; @@ -138,8 +142,7 @@ char *acpi_ns_get_external_pathname(struct acpi_namespace_node *node) size = acpi_ns_get_pathname_length(node); if (!size) { - ACPI_ERROR((AE_INFO, "Invalid node failure")); - return_PTR(NULL); + return (NULL); } /* Allocate a buffer to be returned to caller */ @@ -152,7 +155,11 @@ char *acpi_ns_get_external_pathname(struct acpi_namespace_node *node) /* Build the path in the allocated buffer */ - acpi_ns_build_external_path(node, size, name_buffer); + status = acpi_ns_build_external_path(node, size, name_buffer); + if (ACPI_FAILURE(status)) { + return (NULL); + } + return_PTR(name_buffer); } #endif @@ -186,7 +193,7 @@ acpi_size acpi_ns_get_pathname_length(struct acpi_namespace_node *node) while (next_node && (next_node != acpi_gbl_root_node)) { if (ACPI_GET_DESCRIPTOR_TYPE(next_node) != ACPI_DESC_TYPE_NAMED) { ACPI_ERROR((AE_INFO, - "Invalid NS Node (%p) while traversing path", + "Invalid Namespace Node (%p) while traversing namespace", next_node)); return 0; } @@ -234,8 +241,7 @@ acpi_ns_handle_to_pathname(acpi_handle target_handle, required_size = acpi_ns_get_pathname_length(node); if (!required_size) { - ACPI_ERROR((AE_INFO, "Invalid node failure")); - return_ACPI_STATUS(AE_ERROR); + return_ACPI_STATUS(AE_BAD_PARAMETER); } /* Validate/Allocate/Clear caller buffer */ @@ -247,7 +253,11 @@ acpi_ns_handle_to_pathname(acpi_handle target_handle, /* Build the path in the caller buffer */ - acpi_ns_build_external_path(node, required_size, buffer->pointer); + status = + acpi_ns_build_external_path(node, required_size, buffer->pointer); + if (ACPI_FAILURE(status)) { + return_ACPI_STATUS(status); + } ACPI_DEBUG_PRINT((ACPI_DB_EXEC, "%s [%X]\n", (char *)buffer->pointer, (u32) required_size)); diff --git a/drivers/acpi/resources/rscalc.c b/drivers/acpi/resources/rscalc.c index f61ebc679e66..d9063ea414e3 100644 --- a/drivers/acpi/resources/rscalc.c +++ b/drivers/acpi/resources/rscalc.c @@ -587,6 +587,9 @@ acpi_rs_get_pci_routing_table_length(union acpi_operand_object *package_object, } else { temp_size_needed += acpi_ns_get_pathname_length((*sub_object_list)->reference.node); + if (!temp_size_needed) { + return_ACPI_STATUS(AE_BAD_PARAMETER); + } } } else { /* diff --git a/drivers/acpi/utilities/utalloc.c b/drivers/acpi/utilities/utalloc.c index e7bf34a7b1d2..7dcb67e0b215 100644 --- a/drivers/acpi/utilities/utalloc.c +++ b/drivers/acpi/utilities/utalloc.c @@ -242,10 +242,12 @@ acpi_ut_initialize_buffer(struct acpi_buffer * buffer, { acpi_status status = AE_OK; - if (!required_length) { - WARN_ON(1); - return AE_ERROR; + /* Parameter validation */ + + if (!buffer || !required_length) { + return (AE_BAD_PARAMETER); } + switch (buffer->length) { case ACPI_NO_BUFFER: diff --git a/drivers/acpi/utilities/utobject.c b/drivers/acpi/utilities/utobject.c index e25484495e65..916eff399eb3 100644 --- a/drivers/acpi/utilities/utobject.c +++ b/drivers/acpi/utilities/utobject.c @@ -425,6 +425,7 @@ acpi_ut_get_simple_object_size(union acpi_operand_object *internal_object, acpi_size * obj_length) { acpi_size length; + acpi_size size; acpi_status status = AE_OK; ACPI_FUNCTION_TRACE_PTR(ut_get_simple_object_size, internal_object); @@ -484,10 +485,14 @@ acpi_ut_get_simple_object_size(union acpi_operand_object *internal_object, * Get the actual length of the full pathname to this object. * The reference will be converted to the pathname to the object */ - length += - ACPI_ROUND_UP_TO_NATIVE_WORD - (acpi_ns_get_pathname_length - (internal_object->reference.node)); + size = + acpi_ns_get_pathname_length(internal_object-> + reference.node); + if (!size) { + return_ACPI_STATUS(AE_BAD_PARAMETER); + } + + length += ACPI_ROUND_UP_TO_NATIVE_WORD(size); break; default: diff --git a/include/acpi/acnamesp.h b/include/acpi/acnamesp.h index 9ed70a050580..c34008507b69 100644 --- a/include/acpi/acnamesp.h +++ b/include/acpi/acnamesp.h @@ -182,7 +182,7 @@ acpi_status acpi_ns_evaluate(struct acpi_evaluate_info *info); */ u32 acpi_ns_opens_scope(acpi_object_type type); -void +acpi_status acpi_ns_build_external_path(struct acpi_namespace_node *node, acpi_size size, char *name_buffer); -- 2.34.1