lib/imd: Prohibit removing imd_entry covering root region

Removing entry covering root region leads to situation where num_entries counter is set to 0. This counter is further decremented in function obtaining address to last entry (see root_last_entry()). Such negative number may be further used as an index to the table. Current implementation may lead to crash, when user removes last entry with imd_entry_remove() and then calls for example imd_entry_add(). Signed-off-by: Jan Dabros <jsd@semihalf.com> Change-Id: I6ff54cce55bf10c82a5093f47c7f788fd7c12d3c Reviewed-on: https://review.coreboot.org/c/coreboot/+/44668 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Paul Fagerburg <pfagerburg@chromium.org>
2020-08-21 12:20:45 +02:00 · 2020-08-21 12:20:45 +02:00 · 3b0d040c11
parent 086c5e6fc8
commit 3b0d040c11
1 changed files with 4 additions and 0 deletions
--- a/src/lib/imd.c
+++ b/src/lib/imd.c
@ -630,6 +630,10 @@ int imd_entry_remove(const struct imd *imd, const struct imd_entry *entry)
 	if (entry != root_last_entry(r))
 		return -1;

+	/* Don't remove entry covering root region */
+	if (r->num_entries == 1)
+		return -1;
+
 	r->num_entries--;

 	return 0;