ACK: [PATCH] lib: fwts_safe_mem: fix buffer end calculation
Alex Hung
alex.hung at canonical.com
Thu Nov 9 00:40:07 UTC 2017
On 2017-11-07 11:08 PM, Colin King wrote:
> From: Colin Ian King <colin.king at canonical.com>
>
> The calculation of the end of the buffer needs to take into account
> the size of the elements in the buffer; divide by the element size
> to get the correct size.
>
> Detected by CoverityScan, CID#1382558 ("Incorrect expression") and
> CID#1382559 ("Memory Corruptions")
>
> Fixes: ee769ccf294c ("hpet: fix the false alarm of hpet configuration test")
> Signed-off-by: Colin Ian King <colin.king at canonical.com>
> ---
> src/lib/src/fwts_safe_mem.c | 10 +++++++++-
> 1 file changed, 9 insertions(+), 1 deletion(-)
>
> diff --git a/src/lib/src/fwts_safe_mem.c b/src/lib/src/fwts_safe_mem.c
> index c6b09f9d..08ef8846 100644
> --- a/src/lib/src/fwts_safe_mem.c
> +++ b/src/lib/src/fwts_safe_mem.c
> @@ -93,12 +93,20 @@ int OPTIMIZE0 fwts_safe_memread(const void *src, const size_t n)
> return FWTS_OK;
> }
>
> +/*
> + * fwts_safe_memread()
> + * check we can safely read a region of memory. This catches
> + * SIGSEGV/SIGBUS errors and returns FWTS_ERROR if it is not
> + * readable or FWTS_OK if it's OK.
> + *
> + * n = number of of 32 bit words to check
> + */
> int OPTIMIZE0 fwts_safe_memread32(const void *src, const size_t n)
> {
> static uint32_t buffer[256];
> const uint32_t *ptr, *end = src + n;
> uint32_t *bufptr;
> - const uint32_t *bufend = buffer + sizeof(buffer);
> + const uint32_t *bufend = buffer + (sizeof(buffer) / sizeof(*buffer));
>
> if (sigsetjmp(jmpbuf, 1) != 0)
> return FWTS_ERROR;
>
Acked-by: Alex Hung <alex.hung at canonical.com>
More information about the fwts-devel
mailing list