[PATCH v2 1/1] lib: utils: fdt_fixup: avoid buffer overrun
Xiang W
wxjstz at 126.com
Fri Mar 31 06:26:54 PDT 2023
在 2023-03-31星期五的 15:15 +0200,Heinrich Schuchardt写道:
> fdt_reserved_memory_fixup() uses filtered_order[PMP_COUNT]. The index
> must not reach PMP_COUNT.
>
> Fixes: 199189bd1c17 ("lib: utils: Mark only the largest region as reserved in FDT")
> Addresses-Coverity-ID: 1536994 ("Out-of-bounds write")
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
LGTM
Reviewed-by: Xiang W <wxjstz at 126.com>
> ---
> v2:
> fix typo in commit message
> ---
> lib/utils/fdt/fdt_fixup.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/utils/fdt/fdt_fixup.c b/lib/utils/fdt/fdt_fixup.c
> index c10179b..ae6be00 100644
> --- a/lib/utils/fdt/fdt_fixup.c
> +++ b/lib/utils/fdt/fdt_fixup.c
> @@ -355,7 +355,7 @@ int fdt_reserved_memory_fixup(void *fdt)
> if (reg->flags & SBI_DOMAIN_MEMREGION_SU_EXECUTABLE)
> continue;
>
> - if (i > PMP_COUNT) {
> + if (i >= PMP_COUNT) {
> sbi_printf("%s: Too many memory regions to fixup.\n",
> __func__);
> return SBI_ENOSPC;
> --
> 2.39.2
>
>
More information about the opensbi
mailing list