NOVA: fix overflow in address check
This commit is contained in:
parent
f5efbff19c
commit
7bd0ed7c44
|
@ -122,18 +122,22 @@ inline int map_local(Nova::Utcb *utcb,
|
||||||
* size (and are always zero).
|
* size (and are always zero).
|
||||||
*/
|
*/
|
||||||
size_t order = get_page_size_log2();
|
size_t order = get_page_size_log2();
|
||||||
for (; order < 32 && !(common_bits & (1 << order)); order++);
|
for (; order < 32 && !(common_bits & (1UL << order)); order++);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Look if flexpage fits into both 'from' and 'to' address range
|
* Look if flexpage fits into both 'from' and 'to' address range
|
||||||
*/
|
*/
|
||||||
|
|
||||||
if (from_curr + (1 << order) > from_end)
|
if ((from_end - from_curr) < (1UL << order))
|
||||||
order = log2(from_end - from_curr);
|
order = log2(from_end - from_curr);
|
||||||
|
|
||||||
if (to_curr + (1 << order) > to_end)
|
if ((to_end - to_curr) < (1UL << order))
|
||||||
order = log2(to_end - to_curr);
|
order = log2(to_end - to_curr);
|
||||||
|
|
||||||
|
if (verbose_local_map)
|
||||||
|
Genode::printf("::map_local: order %lx %lx:%lx %lx:%lx\n",
|
||||||
|
order, from_curr, from_end, to_curr, to_end);
|
||||||
|
|
||||||
int const res = map_local(utcb,
|
int const res = map_local(utcb,
|
||||||
Mem_crd((from_curr >> 12), order - get_page_size_log2(), rwx),
|
Mem_crd((from_curr >> 12), order - get_page_size_log2(), rwx),
|
||||||
Mem_crd((to_curr >> 12), order - get_page_size_log2(), rwx),
|
Mem_crd((to_curr >> 12), order - get_page_size_log2(), rwx),
|
||||||
|
@ -141,7 +145,7 @@ inline int map_local(Nova::Utcb *utcb,
|
||||||
if (res) return res;
|
if (res) return res;
|
||||||
|
|
||||||
/* advance offset by current flexpage size */
|
/* advance offset by current flexpage size */
|
||||||
offset += (1 << order);
|
offset += (1UL << order);
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user