Am 2021-03-22 16:32, schrieb Michael Walle:
+
+ sfdp->num_dwords = DIV_ROUND_UP(sfdp_size, sizeof(*sfdp->dwords));
The SFDP spec says that Parameter Table Pointer should be DWORD
aligned
and Parameter Table length is specified in number of DWORDs. So,
sfdp_size should always be a multiple of 4. Any SFDP table where this
is
not true is an invalid one.
Also, the spec says "Device behavior when the Read SFDP command
crosses
the SFDP structure boundary is not defined".
So I think this should be a check for alignment instead of a round-up.
Well, that woundn't help for debugging. I.e. you also want the SFDP
data
in cases like this. IMHO we should try hard enough to actually get a
reasonable dump.
OTOH we also rely on the header and the pointers in the header. Any
other ideas, but just to chicken out?
Oh, forgot to mention, sfdp_size is used to read the data. I just want
to make sure, the allocated area is large enough. We shouldn't hit the
undefined behavior by reading past the SFDP.
Maybe that check should be part of the parsing code.
-michael
