num_sifr could go negative since acpi_pcc_get_sqty() returns -EINVAL
on error.  Then it could bypass the sanity check (num_sifr > 255).
The subsequent call to kzalloc() would allocate a small buffer, leading
to a memory corruption.
Signed-off-by: NXi Wang <xi.wang@gmail.com>
Signed-off-by: NMatthew Garrett <mjg@redhat.com>