splatink/lbmk
1
0
Fork 0
mirror of https://codeberg.org/libreboot/lbmk.git synced 2026-03-25 13:29:03 +02:00
Code Issues Packages Projects Releases Wiki Activity

util/nvmutil: rw: safer bound check

Browse Source 
avoid pointer-range overflow arithmetic. this
patch doesn't change behaviour, but makes an
overflow impossible.

Signed-off-by: Leah Rowe <leah@libreboot.org>
This commit is contained in:
Leah Rowe
2026-03-14 23:23:01 +00:00
parent e97f64cb33
commit 9d7e990df4
1 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
util/nvmutil/nvmutil.c
View File

@@ -1812,18 +1812,20 @@ rw_gbe_file_exact(int fd, u8 *mem, size_t nrw,
{
size_t mem_addr;
size_t buf_addr;
size_t buf_end;
if (mem == NULL)
goto err_rw_gbe_file_exact;
mem_addr = (size_t)(void *)mem;
buf_addr = (size_t)(void *)buf;
buf_end = buf_addr + (size_t)GBE_FILE_SIZE;
if (mem != (void *)pad &&
(mem_addr < buf_addr || mem_addr >= buf_end))
goto err_rw_gbe_file_exact;
if (mem != (void *)pad) {
if (mem_addr < buf_addr)
goto err_rw_gbe_file_exact;
if ((mem_addr - buf_addr) >= (size_t)GBE_FILE_SIZE)
goto err_rw_gbe_file_exact;
}
if (off < 0 || off >= gbe_file_size)
goto err_rw_gbe_file_exact;