summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNico Huber <nico.huber@secunet.com>2020-11-26 13:35:09 +0100
committerNico Huber <nico.h@gmx.de>2020-12-03 23:26:43 +0000
commit361a5c095262adc139f0d7504fb25e1215eebc8f (patch)
treeea04a93e3ffc10aec913e3e428d178a5354bf835
parent20426858c58d99f86bd791259342e71411c7ca62 (diff)
spi/flashconsole: Fix internal buffer overflow
Once the console's FMAP region is full, we stop clearing the line buffer and `line_offset` is not reset anymore. Hence, sanity check `line_offset` everytime before writing to the buffer. The issue resulted in boot hangs and potentially a brick if the log was very verbose. Change-Id: I36e9037d7baf8c1ed8b2d0c120bfffa58c089c95 Signed-off-by: Nico Huber <nico.huber@secunet.com> Reviewed-on: https://review.coreboot.org/c/coreboot/+/48074 Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net> Reviewed-by: Michael Niewöhner <foss@mniewoehner.de> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
-rw-r--r--src/drivers/spi/flashconsole.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/drivers/spi/flashconsole.c b/src/drivers/spi/flashconsole.c
index 654177f6d3..d5c4382101 100644
--- a/src/drivers/spi/flashconsole.c
+++ b/src/drivers/spi/flashconsole.c
@@ -75,7 +75,8 @@ void flashconsole_tx_byte(unsigned char c)
size_t region_size = region_device_sz(rdev_ptr);
- line_buffer[line_offset++] = c;
+ if (line_offset < LINE_BUFFER_SIZE)
+ line_buffer[line_offset++] = c;
if (line_offset >= LINE_BUFFER_SIZE ||
offset + line_offset >= region_size || c == '\n') {