From 3c19382367f548d63fe2948b094e05c44d232039 Mon Sep 17 00:00:00 2001 From: Jacob Garber Date: Mon, 10 Jun 2019 18:23:32 -0600 Subject: nb/intel/nehalem: Prevent out of bounds read If the decoded SPD DRAM frequency is slower than the controller minimum, then there will be an unsigned integer underflow in the following loop, which will lead to a very large out of bounds array access. Ensure this does not happen. Change-Id: Ic8ed1293adfe0866781bd638323977abd110777e Signed-off-by: Jacob Garber Found-by: Coverity CID 1229675 Reviewed-on: https://review.coreboot.org/c/coreboot/+/33383 Tested-by: build bot (Jenkins) Reviewed-by: HAOUAS Elyes Reviewed-by: Angel Pons --- src/northbridge/intel/nehalem/raminit.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/northbridge/intel/nehalem/raminit.c b/src/northbridge/intel/nehalem/raminit.c index b4ff85cdd4..fadf0e0801 100644 --- a/src/northbridge/intel/nehalem/raminit.c +++ b/src/northbridge/intel/nehalem/raminit.c @@ -595,6 +595,8 @@ static void calculate_timings(struct raminfo *info) info-> spd[channel][slot][CAS_LATENCY_TIME]); } + if (cycletime > min_cycletime[0]) + die("RAM init: Decoded SPD DRAM freq is slower than the controller minimum!"); for (clock_speed_index = 0; clock_speed_index < 3; clock_speed_index++) { if (cycletime == min_cycletime[clock_speed_index]) break; -- cgit v1.2.3