| Message ID | 20171107150853.31901-1-colin.king@canonical.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | lib: fwts_safe_mem: fix buffer end calculation | expand |
On 2017-11-07 11:08 PM, Colin King wrote: > From: Colin Ian King <colin.king@canonical.com> > > The calculation of the end of the buffer needs to take into account > the size of the elements in the buffer; divide by the element size > to get the correct size. > > Detected by CoverityScan, CID#1382558 ("Incorrect expression") and > CID#1382559 ("Memory Corruptions") > > Fixes: ee769ccf294c ("hpet: fix the false alarm of hpet configuration test") > Signed-off-by: Colin Ian King <colin.king@canonical.com> > --- > src/lib/src/fwts_safe_mem.c | 10 +++++++++- > 1 file changed, 9 insertions(+), 1 deletion(-) > > diff --git a/src/lib/src/fwts_safe_mem.c b/src/lib/src/fwts_safe_mem.c > index c6b09f9d..08ef8846 100644 > --- a/src/lib/src/fwts_safe_mem.c > +++ b/src/lib/src/fwts_safe_mem.c > @@ -93,12 +93,20 @@ int OPTIMIZE0 fwts_safe_memread(const void *src, const size_t n) > return FWTS_OK; > } > > +/* > + * fwts_safe_memread() > + * check we can safely read a region of memory. This catches > + * SIGSEGV/SIGBUS errors and returns FWTS_ERROR if it is not > + * readable or FWTS_OK if it's OK. > + * > + * n = number of of 32 bit words to check > + */ > int OPTIMIZE0 fwts_safe_memread32(const void *src, const size_t n) > { > static uint32_t buffer[256]; > const uint32_t *ptr, *end = src + n; > uint32_t *bufptr; > - const uint32_t *bufend = buffer + sizeof(buffer); > + const uint32_t *bufend = buffer + (sizeof(buffer) / sizeof(*buffer)); > > if (sigsetjmp(jmpbuf, 1) != 0) > return FWTS_ERROR; > Acked-by: Alex Hung <alex.hung@canonical.com>
On 7 November 2017 at 23:08, Colin King <colin.king@canonical.com> wrote: > > From: Colin Ian King <colin.king@canonical.com> > > The calculation of the end of the buffer needs to take into account > the size of the elements in the buffer; divide by the element size > to get the correct size. > > Detected by CoverityScan, CID#1382558 ("Incorrect expression") and > CID#1382559 ("Memory Corruptions") > > Fixes: ee769ccf294c ("hpet: fix the false alarm of hpet configuration test") > Signed-off-by: Colin Ian King <colin.king@canonical.com> > --- > src/lib/src/fwts_safe_mem.c | 10 +++++++++- > 1 file changed, 9 insertions(+), 1 deletion(-) > > diff --git a/src/lib/src/fwts_safe_mem.c b/src/lib/src/fwts_safe_mem.c > index c6b09f9d..08ef8846 100644 > --- a/src/lib/src/fwts_safe_mem.c > +++ b/src/lib/src/fwts_safe_mem.c > @@ -93,12 +93,20 @@ int OPTIMIZE0 fwts_safe_memread(const void *src, const size_t n) > return FWTS_OK; > } > > +/* > + * fwts_safe_memread() > + * check we can safely read a region of memory. This catches > + * SIGSEGV/SIGBUS errors and returns FWTS_ERROR if it is not > + * readable or FWTS_OK if it's OK. > + * > + * n = number of of 32 bit words to check > + */ > int OPTIMIZE0 fwts_safe_memread32(const void *src, const size_t n) > { > static uint32_t buffer[256]; > const uint32_t *ptr, *end = src + n; > uint32_t *bufptr; > - const uint32_t *bufend = buffer + sizeof(buffer); > + const uint32_t *bufend = buffer + (sizeof(buffer) / sizeof(*buffer)); > > if (sigsetjmp(jmpbuf, 1) != 0) > return FWTS_ERROR; Acked-by: Anthony Wong <anthony.wong@canonical.com>
diff --git a/src/lib/src/fwts_safe_mem.c b/src/lib/src/fwts_safe_mem.c index c6b09f9d..08ef8846 100644 --- a/src/lib/src/fwts_safe_mem.c +++ b/src/lib/src/fwts_safe_mem.c @@ -93,12 +93,20 @@ int OPTIMIZE0 fwts_safe_memread(const void *src, const size_t n) return FWTS_OK; } +/* + * fwts_safe_memread() + * check we can safely read a region of memory. This catches + * SIGSEGV/SIGBUS errors and returns FWTS_ERROR if it is not + * readable or FWTS_OK if it's OK. + * + * n = number of of 32 bit words to check + */ int OPTIMIZE0 fwts_safe_memread32(const void *src, const size_t n) { static uint32_t buffer[256]; const uint32_t *ptr, *end = src + n; uint32_t *bufptr; - const uint32_t *bufend = buffer + sizeof(buffer); + const uint32_t *bufend = buffer + (sizeof(buffer) / sizeof(*buffer)); if (sigsetjmp(jmpbuf, 1) != 0) return FWTS_ERROR;