[PATCH] lib: sbi: Fix integer overflow in is_region_subset
Xiang W
wxjstz at 126.com
Wed Oct 16 10:53:19 PDT 2024
When calculating the end address of memregion, shifting may overflow.
Add code to avoid it.
Signed-off-by: Xiang W <wxjstz at 126.com>
---
lib/sbi/sbi_domain.c | 8 ++++++--
1 file changed, 6 insertions(+), 2 deletions(-)
diff --git a/lib/sbi/sbi_domain.c b/lib/sbi/sbi_domain.c
index feb2392..4c10cb1 100644
--- a/lib/sbi/sbi_domain.c
+++ b/lib/sbi/sbi_domain.c
@@ -191,9 +191,13 @@ static bool is_region_subset(const struct sbi_domain_memregion *regA,
const struct sbi_domain_memregion *regB)
{
ulong regA_start = regA->base;
- ulong regA_end = regA->base + (BIT(regA->order) - 1);
+ ulong regA_end = regA->order < __riscv_xlen ?
+ regA->base + (BIT(regA->order) - 1) :
+ -1UL;
ulong regB_start = regB->base;
- ulong regB_end = regB->base + (BIT(regB->order) - 1);
+ ulong regB_end = regB->order < __riscv_xlen ?
+ regB->base + (BIT(regB->order) - 1) :
+ -1UL;
if ((regB_start <= regA_start) &&
(regA_start < regB_end) &&
--
2.45.2
More information about the opensbi
mailing list