util/nvmutil: rw_file_exact: check inputs also

we check them in prw, but we used to rely on prw because we called that first. no more. it's correct to also check them here anyway, in case i ever call another function here. Signed-off-by: Leah Rowe <leah@libreboot.org>
author: Leah Rowe <leah@libreboot.org> 2026-03-14 23:29:11 +0000
committer: Leah Rowe <leah@libreboot.org> 2026-03-14 23:29:11 +0000
commit: 67a7f16ba268eafba3ec5ad8dda0340509d6fd94 (patch)
tree: 76539ce3fe9232ca07462eacb7c9a7792632c3d7 /util
parent: 4db11cd4ed9520dea4d01e2c1d460789d6ea7c89 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index d9c09bc4..98f5bdcd 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -1888,6 +1888,16 @@ rw_file_exact(int fd, u8 *mem, size_t nrw,
 	size_t nrw_cur;
 	void *mem_cur;
 
+	if (mem == NULL)
+		goto err_rw_file_exact;
+
+	if (fd < 0
+	    || off < 0
+	    || !nrw /* prevent zero read request */
+	    || nrw > (size_t)SSIZE_MAX /* prevent overflow */
+	    || (uint)rw_type > IO_PWRITE)
+		goto err_rw_file_exact;
+
 	while (1) {
 	
 		/* Prevent theoretical overflow */
author	Leah Rowe <leah@libreboot.org>	2026-03-14 23:29:11 +0000
committer	Leah Rowe <leah@libreboot.org>	2026-03-14 23:29:11 +0000
commit	67a7f16ba268eafba3ec5ad8dda0340509d6fd94 (patch)
tree	76539ce3fe9232ca07462eacb7c9a7792632c3d7 /util
parent	4db11cd4ed9520dea4d01e2c1d460789d6ea7c89 (diff)