[coreboot] Coreboot bug?
ron minnich
rminnich at gmail.com
Wed Nov 11 21:50:25 CET 2009
It's not my favorite piece of code.
> unsigned char option_table[] = {
> 0xc8,0x00,0x00,0x00,0x88,0x04,0x00,0x00,0x0c,0x00,
Second 32 bits 0x88,0x04,0x00,0x00 is the length. We're small endian.
So it's 0x488 or 1160 bytes. Does that match?
So this struct:
> struct lb_record {
> uint32_t tag; /* tag ID */
> uint32_t size; /* size of record (in bytes) */
> };
is a header of a variable length record.
ron
On Wed, Nov 11, 2009 at 11:31 AM, Myles Watson <mylesgw at gmail.com> wrote:
> src/arch/i386/boot/coreboot_table.c: In function 'write_coreboot_table':
> src/arch/i386/boot/coreboot_table.c:492: warning: dereferencing
> pointer 'rec_src' does break strict-aliasing rules
> src/arch/i386/boot/coreboot_table.c:491: note: initialized from here
>
> #if (CONFIG_HAVE_OPTION_TABLE == 1)
> {
> struct lb_record *rec_dest, *rec_src;
> /* Write the option config table... */
> rec_dest = lb_new_record(head);
> rec_src = (struct lb_record *)(void *)&option_table;
> memcpy(rec_dest, rec_src, rec_src->size);
> /* Create cmos checksum entry in coreboot table */
> lb_cmos_checksum(head);
> }
> #endif
>
> from option_table.c:
> unsigned char option_table[] = {
> 0xc8,0x00,0x00,0x00,0x88,0x04,0x00,0x00,0x0c,0x00,
> ...
>
> from src/include/boot/coreboot_tables.h:
> struct lb_record {
> uint32_t tag; /* tag ID */
> uint32_t size; /* size of record (in bytes) */
> };
>
> Why are we casting it as a lb_record * then using that size field in the copy?
>
> Thanks,
> Myles
>
> --
> coreboot mailing list: coreboot at coreboot.org
> http://www.coreboot.org/mailman/listinfo/coreboot
>
More information about the coreboot
mailing list