The semantics of the bus:dev.fn parameter passed to pci_find_next()
are "find the first existent PCI device at this address or higher",
with the caller expected to increment the address between finding
devices. This does not allow the parameter to distinguish between the
two cases "start from address zero" and "wrapped after incrementing
maximal possible address", which could therefore lead to an infinite
loop in the degenerate case that a device with address ffff:ff:1f.7
really exists.
Fix by checking for wraparound in the caller (which is already
responsible for performing the increment).
Signed-off-by: Michael Brown <mcb30@ipxe.org>
uint32_t busdevfn = 0;
int rc;
- for ( busdevfn = 0 ; 1 ; busdevfn++ ) {
-
+ do {
/* Allocate struct pci_device */
if ( ! pci )
pci = malloc ( sizeof ( *pci ) );
/* Not registered; re-use struct pci_device */
list_del ( &pci->dev.siblings );
}
- }
+
+ } while ( ++busdevfn );
free ( pci );
return 0;
*/
#include <stdio.h>
+#include <errno.h>
#include <getopt.h>
#include <ipxe/pci.h>
#include <ipxe/command.h>
} else {
/* Setting is defined: start searching from next location */
busdevfn = ( prev + 1 );
+ if ( ! busdevfn ) {
+ rc = -ENOENT;
+ goto err_end;
+ }
}
/* Find next existent PCI device */
}
err_store:
+ err_end:
err_find_next:
err_parse_setting:
err_parse_options:
#define ERRFILE_linux_sysfs ( ERRFILE_OTHER | 0x00560000 )
#define ERRFILE_linux_acpi ( ERRFILE_OTHER | 0x00570000 )
#define ERRFILE_dynkeymap ( ERRFILE_OTHER | 0x00580000 )
+#define ERRFILE_pci_cmd ( ERRFILE_OTHER | 0x00590000 )
/** @} */
projects / thirdparty / ipxe.git / commitdiff
