Edward O'Callaghan (eocallaghan@alterapraxis.com) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/5801
-gerrit
commit de3e51b1c20aafb5f764156892fe58323fa416b1 Author: Edward O'Callaghan eocallaghan@alterapraxis.com Date: Thu May 22 03:36:22 2014 +1000
amd/agesa/f1?/Lib/amdlib.c: Integer overflow in loop construct
The semantics of this loop relies on an integer overflow in Index >=0 that implies a return value of (UINT8)-1 which around wraps to 0xFF, or VOLT_UNSUPPORTED.
Change-Id: I44d68973d0a80093350b2a8a4d3b46bfbb57917a Signed-off-by: Edward O'Callaghan eocallaghan@alterapraxis.com --- src/vendorcode/amd/agesa/f10/Lib/amdlib.c | 6 +++--- src/vendorcode/amd/agesa/f12/Lib/amdlib.c | 6 +++--- src/vendorcode/amd/agesa/f14/Lib/amdlib.c | 6 +++--- src/vendorcode/amd/agesa/f15/Lib/amdlib.c | 6 +++--- src/vendorcode/amd/agesa/f15tn/Lib/amdlib.c | 6 +++--- 5 files changed, 15 insertions(+), 15 deletions(-)
diff --git a/src/vendorcode/amd/agesa/f10/Lib/amdlib.c b/src/vendorcode/amd/agesa/f10/Lib/amdlib.c index d88eee7..83e6a00 100644 --- a/src/vendorcode/amd/agesa/f10/Lib/amdlib.c +++ b/src/vendorcode/amd/agesa/f10/Lib/amdlib.c @@ -344,11 +344,11 @@ LibAmdBitScanReverse ( IN UINT32 value ) { - UINTN Index; + UINT8 Index; for (Index = 31; Index >= 0; Index--){ - if (value & (1 << Index)) break; + if (value & (1 << Index)) return Index; } - return (UINT8) Index; + return 0xFF; } VOID LibAmdMsrRead ( diff --git a/src/vendorcode/amd/agesa/f12/Lib/amdlib.c b/src/vendorcode/amd/agesa/f12/Lib/amdlib.c index cb8f695..f88eb98 100644 --- a/src/vendorcode/amd/agesa/f12/Lib/amdlib.c +++ b/src/vendorcode/amd/agesa/f12/Lib/amdlib.c @@ -348,11 +348,11 @@ LibAmdBitScanReverse ( IN UINT32 value ) { - UINTN Index; + UINT8 Index; for (Index = 31; Index >= 0; Index--){ - if (value & (1 << Index)) break; + if (value & (1 << Index)) return Index; } - return (UINT8) Index; + return 0xFF; } VOID LibAmdMsrRead ( diff --git a/src/vendorcode/amd/agesa/f14/Lib/amdlib.c b/src/vendorcode/amd/agesa/f14/Lib/amdlib.c index 31b3f1e..c1fa494 100644 --- a/src/vendorcode/amd/agesa/f14/Lib/amdlib.c +++ b/src/vendorcode/amd/agesa/f14/Lib/amdlib.c @@ -348,11 +348,11 @@ LibAmdBitScanReverse ( IN UINT32 value ) { - UINTN Index; + UINT8 Index; for (Index = 31; Index >= 0; Index--){ - if (value & (1 << Index)) break; + if (value & (1 << Index)) return Index; } - return (UINT8) Index; + return 0xFF; } VOID LibAmdMsrRead ( diff --git a/src/vendorcode/amd/agesa/f15/Lib/amdlib.c b/src/vendorcode/amd/agesa/f15/Lib/amdlib.c index e51a971..1180ad2 100644 --- a/src/vendorcode/amd/agesa/f15/Lib/amdlib.c +++ b/src/vendorcode/amd/agesa/f15/Lib/amdlib.c @@ -348,11 +348,11 @@ LibAmdBitScanReverse ( IN UINT32 value ) { - UINTN Index; + UINT8 Index; for (Index = 31; Index >= 0; Index--){ - if (value & (1 << Index)) break; + if (value & (1 << Index)) return Index; } - return (UINT8) Index; + return 0xFF; }
UINT64 diff --git a/src/vendorcode/amd/agesa/f15tn/Lib/amdlib.c b/src/vendorcode/amd/agesa/f15tn/Lib/amdlib.c index 55adc8a..9646e6d 100644 --- a/src/vendorcode/amd/agesa/f15tn/Lib/amdlib.c +++ b/src/vendorcode/amd/agesa/f15tn/Lib/amdlib.c @@ -359,11 +359,11 @@ LibAmdBitScanReverse ( IN UINT32 value ) { - UINTN Index; + UINT8 Index; for (Index = 31; Index >= 0; Index--){ - if (value & (1 << Index)) break; + if (value & (1 << Index)) return Index; } - return (UINT8) Index; + return 0xFF; } VOID LibAmdMsrRead (