From 647f70c8bb27e3f77b133a4e9501a8afb10fc3f4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Kristian=20H=C3=B8gsberg?= <krh@fedoraproject.org>
Date: Mon, 16 Feb 2009 01:30:14 +0000
Subject: [PATCH] - Don't read more than the advertised rom_size.

---
 libpciaccess-rom-size.patch | 15 +++++++++++++++
 libpciaccess.spec           |  7 ++++++-
 2 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 libpciaccess-rom-size.patch

diff --git a/libpciaccess-rom-size.patch b/libpciaccess-rom-size.patch
new file mode 100644
index 0000000..959b8ad
--- /dev/null
+++ b/libpciaccess-rom-size.patch
@@ -0,0 +1,15 @@
+diff --git a/src/linux_sysfs.c b/src/linux_sysfs.c
+index 8c3cf67..ae9f38e 100644
+--- a/src/linux_sysfs.c
++++ b/src/linux_sysfs.c
+@@ -338,6 +338,10 @@ pci_device_linux_sysfs_read_rom( struct pci_device * dev, void * buffer )
+     if ( rom_size == 0 )
+ 	rom_size = 0x10000;
+ 
++    /* The caller has allocated dev->rom_size so cap the read amount. */
++    if ( rom_size > dev->rom_size )
++	rom_size = dev->rom_size;
++
+     /* This is a quirky thing on Linux.  Even though the ROM and the file
+      * for the ROM in sysfs are read-only, the string "1" must be written to
+      * the file to enable the ROM.  After the data has been read, "0" must be
diff --git a/libpciaccess.spec b/libpciaccess.spec
index e852c95..b1f44fc 100644
--- a/libpciaccess.spec
+++ b/libpciaccess.spec
@@ -3,7 +3,7 @@
 
 Name:           libpciaccess
 Version:        0.10.3
-Release:        3%{?dist}
+Release:        4%{?dist}
 Summary:        PCI access library
 
 Group:          System Environment/Libraries
@@ -19,6 +19,7 @@ BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 Patch0:		libpciaccess-fd-cache.patch
 Patch1:		libpciaccess-kludge-wc-mmap.patch
+Patch2:		libpciaccess-rom-size.patch
 
 BuildRequires:  autoconf automake libtool pkgconfig
 Requires:       hwdata
@@ -40,6 +41,7 @@ Development package for libpciaccess.
 %setup -q -n %{name}-%{version}
 %patch0 -p1 -b .cache
 %patch1 -p1 -b .wc
+%patch2 -p1 -b .rom-size
 
 %build
 #autoreconf -v --install
@@ -70,6 +72,9 @@ rm -rf $RPM_BUILD_ROOT
 %{_libdir}/pkgconfig/pciaccess.pc
 
 %changelog
+* Sun Feb 15 2009 Kristian Høgsberg <krh@redhat.com> - 0.10.3-4
+- Don't read more than the advertised rom_size.
+
 * Thu Aug 28 2008 Adam Jackson <ajax@redhat.com> 0.10.3-3
 - Rediff for --fuzz=0