When parsing the `ranges` DT node, check that both extremes of the regions are addressable without overflow. This assumption can then be safely made when processing the regions.
Signed-off-by: Andrew Scull ascull@google.com Reviewed-by: Bin Meng bmeng.cn@gmail.com --- drivers/pci/pci-uclass.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-)
diff --git a/drivers/pci/pci-uclass.c b/drivers/pci/pci-uclass.c index 719656eb3a..d84d97d676 100644 --- a/drivers/pci/pci-uclass.c +++ b/drivers/pci/pci-uclass.c @@ -1017,7 +1017,22 @@ static void decode_regions(struct pci_controller *hose, ofnode parent_node,
if (!IS_ENABLED(CONFIG_SYS_PCI_64BIT) && type == PCI_REGION_MEM && upper_32_bits(pci_addr)) { - debug(" - beyond the 32-bit boundary, ignoring\n"); + debug(" - pci_addr beyond the 32-bit boundary, ignoring\n"); + continue; + } + + if (!IS_ENABLED(CONFIG_PHYS_64BIT) && upper_32_bits(addr)) { + debug(" - addr beyond the 32-bit boundary, ignoring\n"); + continue; + } + + if (~((pci_addr_t)0) - pci_addr < size) { + debug(" - PCI range exceeds max address, ignoring\n"); + continue; + } + + if (~((phys_addr_t)0) - addr < size) { + debug(" - phys range exceeds max address, ignoring\n"); continue; }