From 7263125d60bb9bee885cc0f6fa60e8a148d0a758 Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Sat, 14 Mar 2026 23:29:11 +0000
Subject: util/nvmutil: rw_file_exact: check inputs also

we check them in prw, but we used to rely
on prw because we called that first. no more.

it's correct to also check them here anyway,
in case i ever call another function here.

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 util/nvmutil/nvmutil.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'util/nvmutil')

diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index d9c09bc4..98f5bdcd 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -1888,6 +1888,16 @@ rw_file_exact(int fd, u8 *mem, size_t nrw,
 	size_t nrw_cur;
 	void *mem_cur;
 
+	if (mem == NULL)
+		goto err_rw_file_exact;
+
+	if (fd < 0
+	    || off < 0
+	    || !nrw /* prevent zero read request */
+	    || nrw > (size_t)SSIZE_MAX /* prevent overflow */
+	    || (uint)rw_type > IO_PWRITE)
+		goto err_rw_file_exact;
+
 	while (1) {
 	
 		/* Prevent theoretical overflow */
-- 
cgit v1.2.1