From f969a08f033ab9ea23404a4709d045d0623afbc9 Mon Sep 17 00:00:00 2001
From: Kevin O'Connor <kevin@koconnor.net>
Date: Wed, 6 May 2009 23:21:13 -0400
Subject: [PATCH] Minor - verify e820 request is large enough to hold response.

---
 src/system.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/system.c b/src/system.c
index 798dc25..245e9cf 100644
--- a/src/system.c
+++ b/src/system.c
@@ -274,7 +274,8 @@ static void
 handle_15e820(struct bregs *regs)
 {
     int count = GET_GLOBAL(e820_count);
-    if (regs->edx != 0x534D4150 || regs->bx >= count) {
+    if (regs->edx != 0x534D4150 || regs->bx >= count
+        || regs->ecx < sizeof(e820_list[0])) {
         set_code_fail(regs, RET_EUNSUPPORTED);
         return;
     }
-- 
2.25.1