Aaron Durbin has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/45459 )
Change subject: lib/spd: respect spd memory part name override if present
......................................................................
Patch Set 13:
(1 comment)
https://review.coreboot.org/c/coreboot/+/45459/12/src/lib/spd_bin.c
File src/lib/spd_bin.c:
https://review.coreboot.org/c/coreboot/+/45459/12/src/lib/spd_bin.c@177
PS12, Line 177: spd_name[name_len + 1] = 0;
I had found the descrepancy while changing the code and considered adding a comment in code to point […]
I disagree on my specific comment. name_len +1 where name_len == DDR4_SPD_PART_LEN would be an out of bounds array access smashing the stack.
The point of my comment is that we should pass in ARRAY_SIZE(spd_name) into this function to correctly fill out the buffer. Your change will write to the array out of bounds.
--
To view, visit
https://review.coreboot.org/c/coreboot/+/45459
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I91971e07c450492dbb0588abd1c3c692ee0d3bb0
Gerrit-Change-Number: 45459
Gerrit-PatchSet: 13
Gerrit-Owner: Nick Vaccaro
nvaccaro@google.com
Gerrit-Reviewer: Caveh Jalali
caveh@chromium.org
Gerrit-Reviewer: Furquan Shaikh
furquan@google.com
Gerrit-Reviewer: Patrick Rudolph
siro@das-labor.org
Gerrit-Reviewer: Tim Wawrzynczak
twawrzynczak@google.com
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-CC: Aaron Durbin
adurbin@chromium.org
Gerrit-CC: Paul Menzel
paulepanter@users.sourceforge.net
Gerrit-CC: Tim Wawrzynczak
twawrzynczak@chromium.org
Gerrit-Comment-Date: Fri, 18 Sep 2020 00:23:04 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Nick Vaccaro
nvaccaro@google.com
Comment-In-Reply-To: Aaron Durbin
adurbin@chromium.org
Gerrit-MessageType: comment
