[PATCH] lib: sbi_domain: reject zero-size and overflowing ranges in sbi_domain_check_addr_range

liutong liutong at iscas.ac.cn
Wed Apr 22 08:17:50 PDT 2026


`max = addr + size` is computed without overflow detection, and a
size of zero is not rejected. In both cases the `while (addr < max)`
loop executes zero times and the function falls through to
`return true` without actually checking any region against the
domain configuration.

Reject size == 0 and detect unsigned overflow of addr + size before
entering the loop.

Fixes: eab48c33a12d ("lib: sbi: Add sbi_domain_check_addr_range() function")
Signed-off-by: liutong <liutong at iscas.ac.cn>
---
Apologies for the earlier non-standard submission; resending as a
proper patch per docs/contributing.md.

 lib/sbi/sbi_domain.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/lib/sbi/sbi_domain.c b/lib/sbi/sbi_domain.c
index 7030848d..74a02057 100644
--- a/lib/sbi/sbi_domain.c
+++ b/lib/sbi/sbi_domain.c
@@ -499,12 +499,17 @@ bool sbi_domain_check_addr_range(const struct sbi_domain *dom,
 				 unsigned long mode,
 				 unsigned long access_flags)
 {
-	unsigned long max = addr + size;
+	unsigned long max;
 	const struct sbi_domain_memregion *reg, *sreg;
 
 	if (!dom)
 		return false;
 
+	if (!size || (addr + size) < addr)
+		return false;
+
+	max = addr + size;
+
 	while (addr < max) {
 		reg = find_region(dom, addr);
 		if (!reg)
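Review bot: The overflow test `(addr + size) < addr` in the added check also fires when `addr + size` wraps to exactly 0, so a range whose last byte is the highest representable address is now rejected even though no byte of it wraps. If that is intended, say so in a comment above the check and in the commit message. If it is not, test the inclusive end instead, for example `(addr + size - 1) < addr`, and adjust how `max` bounds the `while (addr < max)` loop to match. A one-line comment on why `!size` returns false rather than true would also help, since the result for zero-length requests changes with this patch.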
-- 
2.34.1



