diff options
author | Jacob Garber <jgarber1@ualberta.ca> | 2019-05-20 16:35:33 -0600 |
---|---|---|
committer | Patrick Georgi <pgeorgi@google.com> | 2019-05-22 10:03:11 +0000 |
commit | 9b0d8e7a1fd18a53579d0332204d2be57ec0474b (patch) | |
tree | 8b60913b35159dfb2415d9cdb21647d109d11a4a /payloads/linuxcheck/i386.c | |
parent | b6ee05692dce5df945b8363d361398ab2192d960 (diff) |
util/romcc: Prevent out-of-bounds read
If 'class > LAST_REGC', then there will be an out-of-bounds read when
accessing 'regcm_bound'. Prevent this by skipping to the next iteration
of the loop. Note that this should not generally happen anyway, since
'result' represents a bitset for the indices of 'regcm_bound', and so
iterations where 'class > LAST_REGC' should already be skipped by the
previous continue statement (since those bits of 'result' should all be
zero).
Found-by: Covericy CID 1129122
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Change-Id: Id5f5adb0a292763251054aeecf2a5b87a11297b1
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32902
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
Diffstat (limited to 'payloads/linuxcheck/i386.c')
0 files changed, 0 insertions, 0 deletions