- Don't read more than the advertised rom_size.

libpciaccess-rom-size.patch

@@ -0,0 +1,15 @@
+diff --git a/src/linux_sysfs.c b/src/linux_sysfs.c
+index 8c3cf67..ae9f38e 100644
+--- a/src/linux_sysfs.c
++++ b/src/linux_sysfs.c
+@@ -338,6 +338,10 @@ pci_device_linux_sysfs_read_rom( struct pci_device * dev, void * buffer )
+     if ( rom_size == 0 )
+ 	rom_size = 0x10000;
+ 
++    /* The caller has allocated dev->rom_size so cap the read amount. */
++    if ( rom_size > dev->rom_size )
++	rom_size = dev->rom_size;
++
+     /* This is a quirky thing on Linux.  Even though the ROM and the file
+      * for the ROM in sysfs are read-only, the string "1" must be written to
+      * the file to enable the ROM.  After the data has been read, "0" must be

libpciaccess.spec

@@ -3,7 +3,7 @@
 
 Name:           libpciaccess
 Version:        0.10.3
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        PCI access library
 
 Group:          System Environment/Libraries
@@ -19,6 +19,7 @@ BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 Patch0:		libpciaccess-fd-cache.patch
 Patch1:		libpciaccess-kludge-wc-mmap.patch
+Patch2:		libpciaccess-rom-size.patch
 
 BuildRequires:  autoconf automake libtool pkgconfig
 Requires:       hwdata
@@ -40,6 +41,7 @@ Development package for libpciaccess.
 %setup -q -n %{name}-%{version}
 %patch0 -p1 -b .cache
 %patch1 -p1 -b .wc
+%patch2 -p1 -b .rom-size
 
 %build
 #autoreconf -v --install
@@ -70,6 +72,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/pkgconfig/pciaccess.pc
 
 %changelog
+* Sun Feb 15 2009 Kristian Høgsberg <krh@redhat.com> - 0.10.3-4
+- Don't read more than the advertised rom_size.
+
 * Thu Aug 28 2008 Adam Jackson <ajax@redhat.com> 0.10.3-3
 - Rediff for --fuzz=0