authorNico Huber <nico.h@gmx.de>2020-02-07 17:11:40 +0100
committerNico Huber <nico.h@gmx.de>2020-02-09 17:49:51 +0000
commit6d5f007813f6a2ffbdd6a633f31d207672eee2e1 (patch)
tree9487527006e2d8a5e07f07d2010e07799d72e514
parentfbdd18b650c321c0cdb54862243a572e897e6d11 (diff)
cpu/x86/smm: Add overflow check
Rather bail out than run into undefined behavior. Change-Id: Ife26a0abed0ce6bcafe1e7cd8f499618631c4df4 Signed-off-by: Nico Huber <nico.h@gmx.de> Reviewed-on: https://review.coreboot.org/c/coreboot/+/38763 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Rudolph <siro@das-labor.org> Reviewed-by: Angel Pons <th3fanbus@gmail.com> Reviewed-by: <cedarhouse1@comcast.net>
-rw-r--r--src/cpu/x86/smm/smm_module_loader.c2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/cpu/x86/smm/smm_module_loader.c b/src/cpu/x86/smm/smm_module_loader.c
index a421436893..81020a460a 100644
--- a/src/cpu/x86/smm/smm_module_loader.c
+++ b/src/cpu/x86/smm/smm_module_loader.c
@@ -202,6 +202,8 @@ static int smm_module_setup_stub(void *smbase, struct smm_loader_params *params,
/* Adjust remaining size to account for save state. */
total_save_state_size = params->per_cpu_save_state_size *
params->num_concurrent_save_states;
+ if (total_save_state_size > size)
+ return -1;
size -= total_save_state_size;
/* The save state size encroached over the first SMM entry point. */
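Review bot: The new `if (total_save_state_size > size)` guard protects the subtraction, but the product computed just above it, `params->per_cpu_save_state_size * params->num_concurrent_save_states`, is still unchecked. The operand types are declared outside this hunk; if they are unsigned, an oversized pair would wrap to a small value that passes the guard and leaves `size` overstated for the SMRAM layout checks that follow. Testing by division before the multiplication closes that gap: `if (params->num_concurrent_save_states && params->per_cpu_save_state_size > size / params->num_concurrent_save_states) return -1;`. smm_module_setup_stub begins and continues outside the hunk, so whether an earlier check already bounds these fields cannot be seen from here.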