[coreboot-gerrit] Patch set updated for coreboot: 96226e2 amd/agesa/f*/Lib/amdlib.c: Integer overflow in loop construct

Edward O'Callaghan (eocallaghan@alterapraxis.com) gerrit at coreboot.org
Wed Dec 10 07:43:39 CET 2014


Edward O'Callaghan (eocallaghan at alterapraxis.com) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/7676

-gerrit

commit 96226e20b2ba3f4f3196b9fdada50d811bb2cd35
Author: Edward O'Callaghan <eocallaghan at alterapraxis.com>
Date:   Sun Dec 7 05:20:14 2014 +1100

    amd/agesa/f*/Lib/amdlib.c: Integer overflow in loop construct
    
    As is the case in commit:
    
     3312ed7 amd/agesa/f1?/Lib/amdlib.c: Integer overflow in loop construct
    
    The semantics of this loop relies on an integer overflow in Index >=0
    that implies a return value of (UINT8)-1 which wraps around to 0xFF, or
    VOLT_UNSUPPORTED.
    
    Also fix an infinite loop.
    
    Change-Id: Iced3eff3ae7b8935db3bdd6147372cf3b540883c
    Signed-off-by: Edward O'Callaghan <eocallaghan at alterapraxis.com>
---
 src/vendorcode/amd/agesa/f10/Lib/amdlib.c   | 18 +++++++++++++-----
 src/vendorcode/amd/agesa/f12/Lib/amdlib.c   | 18 +++++++++++++-----
 src/vendorcode/amd/agesa/f14/Lib/amdlib.c   | 18 +++++++++++++-----
 src/vendorcode/amd/agesa/f15/Lib/amdlib.c   | 17 ++++++++++++-----
 src/vendorcode/amd/agesa/f15tn/Lib/amdlib.c | 18 +++++++++++++-----
 src/vendorcode/amd/agesa/f16kb/Lib/amdlib.c | 18 +++++++++++++-----
 6 files changed, 77 insertions(+), 30 deletions(-)

diff --git a/src/vendorcode/amd/agesa/f10/Lib/amdlib.c b/src/vendorcode/amd/agesa/f10/Lib/amdlib.c
index 83e6a00..b26c599 100644
--- a/src/vendorcode/amd/agesa/f10/Lib/amdlib.c
+++ b/src/vendorcode/amd/agesa/f10/Lib/amdlib.c
@@ -339,17 +339,25 @@ LibAmdBitScanForward (
   }
   return (UINT8) Index;
 }
+
 UINT8
 LibAmdBitScanReverse (
   IN       UINT32 value
 )
 {
-  UINT8 Index;
-  for (Index = 31; Index >= 0; Index--){
-      if (value & (1 << Index)) return Index;
-  }
-  return 0xFF;
+  uint8_t bit = 31;
+  do {
+    if (value & (1 << 31))
+      return bit;
+
+    value <<= 1;
+    bit--;
+
+  } while (value != 0)
+
+  return 0xFF; /* Error code inficating no bit found */
 }
+
 VOID
 LibAmdMsrRead (
   IN       UINT32 MsrAddress,
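Review bot: The added `} while (value != 0)` in LibAmdBitScanReverse has no terminating semicolon, so the new function does not compile as written; it should read `} while (value != 0);`. The test `value & (1 << 31)` shifts a signed int into its sign bit, which is undefined behaviour in C, and `1U << 31` keeps the mask unsigned. The local is declared `uint8_t` while the function returns `UINT8` like the surrounding code, so `UINT8 bit = 31;` would match and not depend on a stdint header being visible here; the comment on the final return also misspells "indicating" as `inficating`. The same lines appear in the f12, f14, f15, f15tn and f16kb hunks.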
diff --git a/src/vendorcode/amd/agesa/f12/Lib/amdlib.c b/src/vendorcode/amd/agesa/f12/Lib/amdlib.c
index 1ca9b55..7a0cee2 100644
--- a/src/vendorcode/amd/agesa/f12/Lib/amdlib.c
+++ b/src/vendorcode/amd/agesa/f12/Lib/amdlib.c
@@ -343,17 +343,25 @@ LibAmdBitScanForward (
   }
   return (UINT8) Index;
 }
+
 UINT8
 LibAmdBitScanReverse (
   IN       UINT32 value
 )
 {
-  UINT8 Index;
-  for (Index = 31; Index >= 0; Index--){
-      if (value & (1 << Index)) return Index;
-  }
-  return 0xFF;
+  uint8_t bit = 31;
+  do {
+    if (value & (1 << 31))
+      return bit;
+
+    value <<= 1;
+    bit--;
+
+  } while (value != 0)
+
+  return 0xFF; /* Error code inficating no bit found */
 }
+
 VOID
 LibAmdMsrRead (
   IN       UINT32 MsrAddress,
diff --git a/src/vendorcode/amd/agesa/f14/Lib/amdlib.c b/src/vendorcode/amd/agesa/f14/Lib/amdlib.c
index 963aa7e..e6afe9e 100644
--- a/src/vendorcode/amd/agesa/f14/Lib/amdlib.c
+++ b/src/vendorcode/amd/agesa/f14/Lib/amdlib.c
@@ -343,17 +343,25 @@ LibAmdBitScanForward (
   }
   return (UINT8) Index;
 }
+
 UINT8
 LibAmdBitScanReverse (
   IN       UINT32 value
 )
 {
-  UINT8 Index;
-  for (Index = 31; Index >= 0; Index--){
-      if (value & (1 << Index)) return Index;
-  }
-  return 0xFF;
+  uint8_t bit = 31;
+  do {
+    if (value & (1 << 31))
+      return bit;
+
+    value <<= 1;
+    bit--;
+
+  } while (value != 0)
+
+  return 0xFF; /* Error code inficating no bit found */
 }
+
 VOID
 LibAmdMsrRead (
   IN       UINT32 MsrAddress,
diff --git a/src/vendorcode/amd/agesa/f15/Lib/amdlib.c b/src/vendorcode/amd/agesa/f15/Lib/amdlib.c
index 1180ad2..7be95f0 100644
--- a/src/vendorcode/amd/agesa/f15/Lib/amdlib.c
+++ b/src/vendorcode/amd/agesa/f15/Lib/amdlib.c
@@ -343,16 +343,23 @@ LibAmdBitScanForward (
   }
   return (UINT8) Index;
 }
+
 UINT8
 LibAmdBitScanReverse (
   IN       UINT32 value
 )
 {
-  UINT8 Index;
-  for (Index = 31; Index >= 0; Index--){
-      if (value & (1 << Index)) return Index;
-  }
-  return 0xFF;
+  uint8_t bit = 31;
+  do {
+    if (value & (1 << 31))
+      return bit;
+
+    value <<= 1;
+    bit--;
+
+  } while (value != 0)
+
+  return 0xFF; /* Error code inficating no bit found */
 }
 
 UINT64
diff --git a/src/vendorcode/amd/agesa/f15tn/Lib/amdlib.c b/src/vendorcode/amd/agesa/f15tn/Lib/amdlib.c
index a2c424a..b9af90c 100644
--- a/src/vendorcode/amd/agesa/f15tn/Lib/amdlib.c
+++ b/src/vendorcode/amd/agesa/f15tn/Lib/amdlib.c
@@ -354,17 +354,25 @@ LibAmdBitScanForward (
   }
   return (UINT8) Index;
 }
+
 UINT8
 LibAmdBitScanReverse (
   IN       UINT32 value
 )
 {
-  UINT8 Index;
-  for (Index = 31; Index >= 0; Index--){
-      if (value & (1 << Index)) return Index;
-  }
-  return 0xFF;
+  uint8_t bit = 31;
+  do {
+    if (value & (1 << 31))
+      return bit;
+
+    value <<= 1;
+    bit--;
+
+  } while (value != 0)
+
+  return 0xFF; /* Error code inficating no bit found */
 }
+
 VOID
 LibAmdMsrRead (
   IN       UINT32 MsrAddress,
diff --git a/src/vendorcode/amd/agesa/f16kb/Lib/amdlib.c b/src/vendorcode/amd/agesa/f16kb/Lib/amdlib.c
index d0e66b9..7de5dc2 100644
--- a/src/vendorcode/amd/agesa/f16kb/Lib/amdlib.c
+++ b/src/vendorcode/amd/agesa/f16kb/Lib/amdlib.c
@@ -355,17 +355,25 @@ LibAmdBitScanForward (
   }
   return (UINT8) Index;
 }
+
 UINT8
 LibAmdBitScanReverse (
   IN       UINT32 value
 )
 {
-  UINTN Index;
-  for (Index = 31; Index >= 0; Index--){
-      if (value & (1 << Index)) break;
-  }
-  return (UINT8) Index;
+  uint8_t bit = 31;
+  do {
+    if (value & (1 << 31))
+      return bit;
+
+    value <<= 1;
+    bit--;
+
+  } while (value != 0)
+
+  return 0xFF; /* Error code inficating no bit found */
 }
+
 VOID
 LibAmdMsrRead (
   IN       UINT32 MsrAddress,


