[PATCH 2/2] acpi/iort: fix error in SMMU node length check
Ard Biesheuvel
ard.biesheuvel at linaro.org
Wed Feb 20 13:59:04 UTC 2019
The SMMU v1/v2 global interrupt check tries to ensure that the global
interrupt sub-table does not extend beyond the end of the table, but
the actual expression being compared accounts fpr the size of the
table twice, resulting in false negatives.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel at linaro.org>
---
src/acpi/iort/iort.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/acpi/iort/iort.c b/src/acpi/iort/iort.c
index 5e46fabbfccb..ce8306631450 100644
--- a/src/acpi/iort/iort.c
+++ b/src/acpi/iort/iort.c
@@ -305,7 +305,7 @@ static void iort_smmu_global_interrupt_check(
uint8_t *intr_end = data + offset +
sizeof(fwts_acpi_table_iort_smmu_global_interrupt_array);
- if (sizeof(*intr) + (uint8_t *)intr_end > data_end) {
+ if (intr_end > data_end) {
*passed = false;
fwts_failed(fw, LOG_LEVEL_HIGH,
"IORTSmmuGlobalInterruptsOutsideTable",
--
2.20.1
More information about the fwts-devel
mailing list