diff options
author | Nico Huber <nico.huber@secunet.com> | 2020-11-26 13:35:09 +0100 |
---|---|---|
committer | Nico Huber <nico.h@gmx.de> | 2020-12-03 23:26:43 +0000 |
commit | 361a5c095262adc139f0d7504fb25e1215eebc8f (patch) | |
tree | ea04a93e3ffc10aec913e3e428d178a5354bf835 | |
parent | 20426858c58d99f86bd791259342e71411c7ca62 (diff) |
spi/flashconsole: Fix internal buffer overflow
Once the console's FMAP region is full, we stop clearing the line
buffer and `line_offset` is not reset anymore. Hence, sanity check
`line_offset` everytime before writing to the buffer.
The issue resulted in boot hangs and potentially a brick if the
log was very verbose.
Change-Id: I36e9037d7baf8c1ed8b2d0c120bfffa58c089c95
Signed-off-by: Nico Huber <nico.huber@secunet.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/48074
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Reviewed-by: Michael Niewöhner <foss@mniewoehner.de>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
-rw-r--r-- | src/drivers/spi/flashconsole.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/drivers/spi/flashconsole.c b/src/drivers/spi/flashconsole.c index 654177f6d3..d5c4382101 100644 --- a/src/drivers/spi/flashconsole.c +++ b/src/drivers/spi/flashconsole.c @@ -75,7 +75,8 @@ void flashconsole_tx_byte(unsigned char c) size_t region_size = region_device_sz(rdev_ptr); - line_buffer[line_offset++] = c; + if (line_offset < LINE_BUFFER_SIZE) + line_buffer[line_offset++] = c; if (line_offset >= LINE_BUFFER_SIZE || offset + line_offset >= region_size || c == '\n') { |