From e64b9b3e15fdfab3df22dfd38e203f6d4c298f4d Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Fri, 13 Mar 2026 17:39:48 +0000
Subject: util/nvmutil: fix offset validation

i didn't take into account partial writes, in io_args

this fixes it

unfortunately, this means i have to loosen the offset
check a bit, but it's fine

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 util/nvmutil/nvmutil.c | 9 +++------
 1 file changed, 3 insertions(+), 6 deletions(-)

(limited to 'util/nvmutil')

diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index 7fdb8545..f586e199 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -1753,18 +1753,15 @@ static int
 io_args(int fd, void *mem, size_t nrw,
     off_t off, int rw_type)
 {
-	if (mem != pad
+	if (mem != (void *)pad
 	    && mem != rnum
 	    && (mem < (void *)buf || mem >= (void *)(buf + GBE_FILE_SIZE)))
 		goto err_io_args;
 
-	if (off != 0
-	    && off != gbe_file_offset(1, "i/o check"))
+	if (off < 0 || off >= gbe_file_size)
 		goto err_io_args;
 
-	if (nrw != GBE_PART_SIZE &&
-	    nrw != NVM_SIZE &&
-	    nrw != NUM_RANDOM_BYTES)
+	if (nrw > GBE_PART_SIZE)
 		goto err_io_args;
 
 	if (fd < 0
-- 
cgit v1.2.1