[PATCH 6/9] x86: Correct copying of BIOS mode information

Simon Glass sjg at chromium.org
Mon Jul 24 16:52:02 CEST 2023


This copies beyond the end of the destination buffer: the copy length is the size of the whole struct vesa_state rather than that of the 256-byte mode_info_block member it writes into. Correct the code by using a constant for the buffer size.

This long-standing bug prevents virtio bootdevs working correctly on
qemu-x86 at present.

Signed-off-by: Simon Glass <sjg at chromium.org>
Fixes: 0ca2426beae ("x86: Add support for running option ROMs natively")
---

 arch/x86/lib/bios.c | 2 +-
 include/vesa.h      | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/arch/x86/lib/bios.c b/arch/x86/lib/bios.c
index e29cae78e509..3a9d7f5ddd41 100644
--- a/arch/x86/lib/bios.c
+++ b/arch/x86/lib/bios.c
@@ -204,7 +204,7 @@ static u8 vbe_get_mode_info(struct vesa_state *mi)
 
 	realmode_interrupt(0x10, VESA_GET_MODE_INFO, 0x0000, mi->video_mode,
 			   0x0000, buffer_seg, buffer_adr);
-	memcpy(mi->mode_info_block, buffer, sizeof(struct vesa_state));
+	memcpy(mi->mode_info_block, buffer, VESA_MODE_INFO_SIZE);
 	mi->valid = true;
 
 	return 0;
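Review bot: The new copy length on the `+` line is an independent constant rather than the destination's own size, so the memcpy and `mi->mode_info_block` can drift apart again if either is changed alone; `memcpy(mi->mode_info_block, buffer, sizeof(mi->mode_info_block));` binds the bound to the array itself and needs no separate macro. Whether `buffer` holds at least that many bytes is not visible here, since its allocation and both the start and end of vbe_get_mode_info() lie outside the hunk, so the source side of the bound should be confirmed as well. The previous length, sizeof(struct vesa_state), also covered video_mode, valid and any padding, which is what produced the overrun the description refers to.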
diff --git a/include/vesa.h b/include/vesa.h
index 9285bfa921a2..28828ab56aa4 100644
--- a/include/vesa.h
+++ b/include/vesa.h
@@ -83,12 +83,14 @@ struct __packed vesa_mode_info {
 	u8 reserved[206];
 };
 
+#define VESA_MODE_INFO_SIZE	256
+
 struct vesa_state {
 	u16 video_mode;
 	bool valid;
 	union {
 		struct vesa_mode_info vesa;
-		u8 mode_info_block[256];
+		u8 mode_info_block[VESA_MODE_INFO_SIZE];
 	};
 };
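Review bot: VESA_MODE_INFO_SIZE is introduced with no comment relating it to `struct vesa_mode_info`, and nothing checks that the packed struct still fits in the 256-byte union member if a field is added later; a compile-time check next to the define, `_Static_assert(sizeof(struct vesa_mode_info) <= VESA_MODE_INFO_SIZE, "vesa_mode_info exceeds mode_info_block");` (or the project's own build-time assertion macro), would keep the memcpy bound in bios.c and the struct layout in step. A one-line comment above the define, `/* Size of the VBE mode-info block; must cover struct vesa_mode_info */`, would record why the value is 256. The struct's earlier fields are outside the hunk, so whether reserved[206] brings its total to exactly 256 cannot be confirmed from here.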
 
-- 
2.41.0.487.g6d72f3e995-goog


