dump/win_dump: limit number of processed PRCBs

When number of CPUs utilized by guest Windows is less than defined in QEMU (i.e., desktop versions of Windows severely limits number of CPU sockets), patch_and_save_context routine accesses non-existent PRCB and fails. So, limit number of processed PRCBs by NumberProcessors taken from guest Windows driver. Signed-off-by: Viktor Prutyanov <[email protected]> Reviewed-by: Marc-André Lureau <[email protected]> Message-Id: <[email protected]>
antangelo · Oct 26, 2022 · e38c24c · e38c24c
1 parent 113d8f4
commit e38c24c
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/dump/win_dump.c b/dump/win_dump.c
@@ -273,6 +273,13 @@ static void patch_and_save_context(WinDumpHeader *h, bool x64,
         uint64_t Context;
         WinContext ctx;
 
+        if (i >= WIN_DUMP_FIELD(NumberProcessors)) {
+            warn_report("win-dump: number of QEMU CPUs is bigger than"
+                        " NumberProcessors (%u) in guest Windows",
+                        WIN_DUMP_FIELD(NumberProcessors));
+            return;
+        }
+
         if (cpu_read_ptr(x64, first_cpu,
                 KiProcessorBlock + i * win_dump_ptr_size(x64),
                 &Prcb)) {