summaryrefslogtreecommitdiff
path: root/util/nvmutil/nvmutil.c
diff options
context:
space:
mode:
Diffstat (limited to 'util/nvmutil/nvmutil.c')
-rw-r--r--util/nvmutil/nvmutil.c17
1 files changed, 13 insertions, 4 deletions
diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index ba3fc29f..c8b8060b 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -218,6 +218,7 @@ also consider:
#include <fcntl.h>
#include <limits.h>
#include <stdarg.h>
+#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -1800,13 +1801,21 @@ static ssize_t
rw_gbe_file_exact(int fd, u8 *mem, size_t nrw,
off_t off, int rw_type)
{
+ size_t mem_addr;
+ size_t buf_addr;
+ size_t buf_end;
+
if (mem == NULL)
goto err_rw_gbe_file_exact;
- if (mem != (void *)pad
- && mem != (void *)rnum
- && (mem < buf || mem >= (buf + GBE_FILE_SIZE)))
- goto err_rw_gbe_file_exact;
+ mem_addr = (size_t)(void *)mem;
+ buf_addr = (size_t)(void *)buf;
+ buf_end = buf_addr + GBE_FILE_SIZE;
+
+ if (mem != (void *)pad &&
+ mem != (void *)rnum &&
+ (mem_addr < buf_addr || mem_addr >= buf_end))
+ goto err_rw_gbe_file_exact;
if (off < 0 || off >= gbe_file_size)
goto err_rw_gbe_file_exact;
generated by cgit v1.2.1 (git 2.18.0) at 2026-03-15 14:33:27 +0000