[RFC PATCH 6/6] hw/sd/sdcard: Assert if accessing an illegal group

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[RFC PATCH 6/6] hw/sd/sdcard: Assert if accessing an illegal group

From:	Philippe Mathieu-Daudé
Subject:	[RFC PATCH 6/6] hw/sd/sdcard: Assert if accessing an illegal group
Date:	Fri, 18 Sep 2020 19:41:17 +0200

We can not have more group than 'wpgrps_size'.
Assert if we are accessing a group above this limit.

Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
---
 hw/sd/sd.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index 4454d168e2f..c3febed2434 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -780,6 +780,7 @@ static void sd_erase(SDState *sd)
     sd->csd[14] |= 0x40;
 
     for (i = erase_start; i <= erase_end; i++) {
+        assert(i < sd->wpgrps_size);
         if (test_bit(i, sd->wp_groups)) {
             sd->card_status |= WP_ERASE_SKIP;
         }
@@ -794,6 +795,7 @@ static uint32_t sd_wpbits(SDState *sd, uint64_t addr)
     wpnum = sd_addr_to_wpnum(addr);
 
     for (i = 0; i < 32; i++, wpnum++, addr += WPGROUP_SIZE) {
+        assert(wpnum < sd->wpgrps_size);
         if (addr < sd->size && test_bit(wpnum, sd->wp_groups)) {
             ret |= (1 << i);
         }
-- 
2.26.2

[Prev in Thread]

Current Thread

[Next in Thread]

[RFC PATCH 0/6] hw/sd/sdcard: Do not attempt to erase out of range addresses, Philippe Mathieu-Daudé, 2020/09/18
- [RFC PATCH 1/6] hw/sd/sdcard: Add trace event for ERASE command (CMD38), Philippe Mathieu-Daudé, 2020/09/18
- [RFC PATCH 2/6] hw/sd/sdcard: Introduce the INVALID_ADDRESS definition, Philippe Mathieu-Daudé, 2020/09/18
- [RFC PATCH 6/6] hw/sd/sdcard: Assert if accessing an illegal group, Philippe Mathieu-Daudé <=
- [RFC PATCH 4/6] hw/sd/sdcard: Reset both start/end addresses on error, Philippe Mathieu-Daudé, 2020/09/18
- [RFC PATCH 3/6] hw/sd/sdcard: Do not use legal address '0' for INVALID_ADDRESS, Philippe Mathieu-Daudé, 2020/09/18
  - Re: [RFC PATCH 3/6] hw/sd/sdcard: Do not use legal address '0' for INVALID_ADDRESS, Markus Armbruster, 2020/09/21
    - Re: [RFC PATCH 3/6] hw/sd/sdcard: Do not use legal address '0' for INVALID_ADDRESS, Philippe Mathieu-Daudé, 2020/09/21
    - Re: [RFC PATCH 3/6] hw/sd/sdcard: Do not use legal address '0' for INVALID_ADDRESS, Markus Armbruster, 2020/09/21
    - Re: [RFC PATCH 3/6] hw/sd/sdcard: Do not use legal address '0' for INVALID_ADDRESS, Dr. David Alan Gilbert, 2020/09/21
    - Re: [RFC PATCH 3/6] hw/sd/sdcard: Do not use legal address '0' for INVALID_ADDRESS, Philippe Mathieu-Daudé, 2020/09/21
    - Re: [RFC PATCH 3/6] hw/sd/sdcard: Do not use legal address '0' for INVALID_ADDRESS, Markus Armbruster, 2020/09/21
    - Re: [RFC PATCH 3/6] hw/sd/sdcard: Do not use legal address '0' for INVALID_ADDRESS, Paolo Bonzini, 2020/09/21
    - Re: [RFC PATCH 3/6] hw/sd/sdcard: Do not use legal address '0' for INVALID_ADDRESS, Markus Armbruster, 2020/09/22

Prev by Date: [RFC PATCH 2/6] hw/sd/sdcard: Introduce the INVALID_ADDRESS definition
Next by Date: [RFC PATCH 4/6] hw/sd/sdcard: Reset both start/end addresses on error
Previous by thread: [RFC PATCH 2/6] hw/sd/sdcard: Introduce the INVALID_ADDRESS definition
Next by thread: [RFC PATCH 4/6] hw/sd/sdcard: Reset both start/end addresses on error
Index(es):
- Date
- Thread