review.tizen.org Git - platform/kernel/opensbi.git/commit

author	Samuel Holland <samuel@sholland.org>
	Tue, 27 Dec 2022 18:44:44 +0000 (12:44 -0600)
committer	Anup Patel <anup@brainfault.org>
	Fri, 13 Jan 2023 12:09:42 +0000 (17:39 +0530)
commit	da5594bf853d9c635aee14bce3abc1076641e395
tree	49fd8fe3712f199c5635f062b221d7398131e263	tree \| snapshot
parent	001106d19b21cd6443ae7f7f6d4d048d80e9ecac	commit \| diff

platform: generic: allwinner: Fix PLIC array bounds

The two referenced commits passed incorrect bounds to the PLIC save/
restore functions, causing out-of-bounds memory access. The functions
expect "num" to be the 1-based number of interrupt sources, equivalent
to the "riscv,ndev" devicetree property. Thus, "num" must be strictly
smaller than the 0-based size of the array storing the register values.

However, the referenced commits incorrectly passed in the unmodified
size of the array as "num". Fix this by reducing PLIC_SOURCES (matching
"riscv,ndev" on this platform), while keeping the same array sizes.

Addresses-Coverity-ID: 1530251 ("Out-of-bounds access")
Addresses-Coverity-ID: 1530252 ("Out-of-bounds access")
Fixes: 8509e46ca63a ("lib: utils/irqchip: plic: Ensure no out-of-bound access in priority save/restore helpers")
Fixes: 9a2eeb4aaeac ("lib: utils/irqchip: plic: Ensure no out-of-bound access in context save/restore helpers")
Signed-off-by: Samuel Holland <samuel@sholland.org>
Reviewed-by: Anup Patel <anup@brainfault.org>