[coreboot-gerrit] New patch to review for coreboot: cpu/ti/am355x: Fix array overrun

Paul Menzel (paulepanter@users.sourceforge.net) gerrit at coreboot.org
Fri Aug 12 14:15:18 CEST 2016


Paul Menzel (paulepanter at users.sourceforge.net) just uploaded a new patch set to gerrit, which you can find at https://review.coreboot.org/16165

-gerrit

commit 898e91517418469ad2131550683224511e4c833f
Author: Paul Menzel <pmenzel at molgen.mpg.de>
Date:   Fri Aug 12 14:08:49 2016 +0200

    cpu/ti/am355x: Fix array overrun
    
    > Overrunning array "am335x_gpio_banks" of 4 4-byte elements at element
    > index 4 (byte offset 16) using index "bank" (which evaluates to 4).
    
    As the first index is 0, also error out if the index is equal to the array
    size.
    
    Change-Id: I6b6b6e010348a58931bd546dfc54f08460e8dbbc
    Found-by: Coverity (CID 1354615:  Memory - illegal accesses  (OVERRUN))
    Signed-off-by: Paul Menzel <pmenzel at molgen.mpg.de>
---
 src/cpu/ti/am335x/gpio.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/cpu/ti/am335x/gpio.c b/src/cpu/ti/am335x/gpio.c
index d4f7edf..bfbbbd2 100644
--- a/src/cpu/ti/am335x/gpio.c
+++ b/src/cpu/ti/am335x/gpio.c
@@ -22,7 +22,7 @@ static struct am335x_gpio_regs *gpio_regs_and_bit(unsigned gpio, uint32_t *bit)
 {
 	unsigned bank = gpio / AM335X_GPIO_BITS_PER_BANK;
 
-	if (bank > ARRAY_SIZE(am335x_gpio_banks)) {
+	if (bank >= ARRAY_SIZE(am335x_gpio_banks)) {
 		printk(BIOS_ERR, "Bad gpio index %d.\n", gpio);
 		return NULL;
 	}
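
Review bot: The error path on the unchanged context line prints gpio, which is declared unsigned, with "%d" in the printk format string; "%u" matches the type and avoids printing a misleading negative number for large inputs. The new ">=" comparison is the right bound for a zero-based index, since ARRAY_SIZE(am335x_gpio_banks) is the first invalid index. Separately, the commit subject uses the prefix "am355x" while the file touched is src/cpu/ti/am335x/gpio.c; correcting the prefix would keep the change findable when searching history by path.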


