amdfwtool: Check the real length of PMU string

The length should be checked before the PMU_STR_INS_INDEX(th) character
is accessed, otherwise it is going to an access violation.

Change-Id: I8b59eb34e1cb01fd6e2571fcebc28ef2084b6ec4
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62249
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Felix Held <felix-coreboot@felixheld.de>
This commit is contained in:
Zheng Bao 2022-02-22 09:47:59 +08:00 committed by Felix Held
parent e39d371909
commit fdb0294846
1 changed files with 3 additions and 0 deletions

View File

@ -348,6 +348,7 @@ static uint8_t find_register_fw_filename_psp_dir(char *fw_name, char *filename,
#define PMU_STR_BASE_LEN strlen(PMUI_STR_BASE) #define PMU_STR_BASE_LEN strlen(PMUI_STR_BASE)
#define PMU_STR_SUB_INDEX strlen(PMUI_STR_BASE"_SUB") #define PMU_STR_SUB_INDEX strlen(PMUI_STR_BASE"_SUB")
#define PMU_STR_INS_INDEX strlen(PMUI_STR_BASE"_SUBx_INS") #define PMU_STR_INS_INDEX strlen(PMUI_STR_BASE"_SUBx_INS")
#define PMU_STR_ALL_LEN strlen(PMUI_STR_BASE"_SUBx_INSx")
static uint8_t find_register_fw_filename_bios_dir(char *fw_name, char *filename, static uint8_t find_register_fw_filename_bios_dir(char *fw_name, char *filename,
char level_to_set, amd_cb_config *cb_config) char level_to_set, amd_cb_config *cb_config)
@ -360,10 +361,12 @@ static uint8_t find_register_fw_filename_bios_dir(char *fw_name, char *filename,
(void) (cb_config); /* Remove warning and reserved for future. */ (void) (cb_config); /* Remove warning and reserved for future. */
if (strncmp(fw_name, PMUI_STR_BASE, PMU_STR_BASE_LEN) == 0) { if (strncmp(fw_name, PMUI_STR_BASE, PMU_STR_BASE_LEN) == 0) {
assert(strlen(fw_name) == PMU_STR_ALL_LEN);
fw_type = AMD_BIOS_PMUI; fw_type = AMD_BIOS_PMUI;
subprog = fw_name[PMU_STR_SUB_INDEX] - '0'; subprog = fw_name[PMU_STR_SUB_INDEX] - '0';
instance = fw_name[PMU_STR_INS_INDEX] - '0'; instance = fw_name[PMU_STR_INS_INDEX] - '0';
} else if (strncmp(fw_name, PMUD_STR_BASE, PMU_STR_BASE_LEN) == 0) { } else if (strncmp(fw_name, PMUD_STR_BASE, PMU_STR_BASE_LEN) == 0) {
assert(strlen(fw_name) == PMU_STR_ALL_LEN);
fw_type = AMD_BIOS_PMUD; fw_type = AMD_BIOS_PMUD;
subprog = fw_name[PMU_STR_SUB_INDEX] - '0'; subprog = fw_name[PMU_STR_SUB_INDEX] - '0';
instance = fw_name[PMU_STR_INS_INDEX] - '0'; instance = fw_name[PMU_STR_INS_INDEX] - '0';