When parsing the `ranges` DT node, check that both extremes of the
regions are addressable without overflow. This assumption can then be
safely made when processing the regions.
Signed-off-by: Andrew Scull <asc...@google.com>
Reviewed-by: Bin Meng <bmeng...@gmail.com>
---
drivers/pci/pci-uclass.c | 17 ++++++++++++++++-
1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/drivers/pci/pci-uclass.c b/drivers/pci/pci-uclass.c
index 719656eb3a..d84d97d676 100644
--- a/drivers/pci/pci-uclass.c
+++ b/drivers/pci/pci-uclass.c
@@ -1017,7 +1017,22 @@ static void decode_regions(struct pci_controller *hose,
ofnode parent_node,
if (!IS_ENABLED(CONFIG_SYS_PCI_64BIT) &&
type == PCI_REGION_MEM && upper_32_bits(pci_addr)) {
- debug(" - beyond the 32-bit boundary, ignoring\n");
+ debug(" - pci_addr beyond the 32-bit boundary,
ignoring\n");
+ continue;
+ }
+
+ if (!IS_ENABLED(CONFIG_PHYS_64BIT) && upper_32_bits(addr)) {
+ debug(" - addr beyond the 32-bit boundary, ignoring\n");
+ continue;
+ }
+
+ if (~((pci_addr_t)0) - pci_addr < size) {
+ debug(" - PCI range exceeds max address, ignoring\n");
+ continue;
+ }
+
+ if (~((phys_addr_t)0) - addr < size) {
+ debug(" - phys range exceeds max address, ignoring\n");
continue;
}
--
2.35.1.1021.g381101b075-goog
