OrgACRN
/
acrn-hypervisor
mirror of https://github.com/projectacrn/acrn-hypervisor.git
1
0
Fork 0
Code Issues Releases Wiki Activity

DM: validate port range explicitly in inout.c 

- check the port address range explicitly
  to avoid buffer overflow.

Signed-off-by: Yonghua Huang <yonghua.huang@intel.com>
This commit is contained in:
Yonghua Huang 2018-05-24 22:16:13 +08:00 committed by lijinxia
parent 1b34870824
commit fc93c649d5
1 changed files with 16 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
devicemodel/core/inout.c
View File

@ -45,7 +45,7 @@ SET_DECLARE(inout_port_set, struct inout_port);
#define MAX_IOPORTS (1 << 16)
#define VERIFY_IOPORT(port, size) \
assert((port) >= 0 && (size) > 0 && ((port) + (size)) <= MAX_IOPORTS)
((port) >= 0 && (size) > 0 && ((port) + (size)) <= MAX_IOPORTS)
static struct {
const char *name;
@ -80,7 +80,10 @@ register_default_iohandler(int start, int size)
{
struct inout_port iop;
VERIFY_IOPORT(start, size);
if (!VERIFY_IOPORT(start, size)) {
printf("invalid input: port:0x%x, size:%d", start, size);
return;
}
bzero(&iop, sizeof(iop));
iop.name = "default";
@ -163,7 +166,11 @@ register_inout(struct inout_port *iop)
{
int i;
VERIFY_IOPORT(iop->port, iop->size);
if (!VERIFY_IOPORT(iop->port, iop->size)) {
printf("invalid input: port:0x%x, size:%d",
iop->port, iop->size);
return -1;
}
/*
* Verify that the new registration is not overwriting an already
@ -190,7 +197,12 @@ int
unregister_inout(struct inout_port *iop)
{
VERIFY_IOPORT(iop->port, iop->size);
if (!VERIFY_IOPORT(iop->port, iop->size)) {
printf("invalid input: port:0x%x, size:%d",
iop->port, iop->size);
return -1;
}
assert(inout_handlers[iop->port].name == iop->name);
register_default_iohandler(iop->port, iop->size);