From 67a7f16ba268eafba3ec5ad8dda0340509d6fd94 Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Sat, 14 Mar 2026 23:29:11 +0000
Subject: util/nvmutil: rw_file_exact: check inputs also

we check them in prw, but we used to rely
on prw because we called that first. no more.

it's correct to also check them here anyway,
in case i ever call another function here.

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 util/nvmutil/nvmutil.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

(limited to 'util')

diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index d9c09bc4..98f5bdcd 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -1888,6 +1888,16 @@ rw_file_exact(int fd, u8 *mem, size_t nrw,
 	size_t nrw_cur;
 	void *mem_cur;
 
+	if (mem == NULL)
+		goto err_rw_file_exact;
+
+	if (fd < 0
+	    || off < 0
+	    || !nrw /* prevent zero read request */
+	    || nrw > (size_t)SSIZE_MAX /* prevent overflow */
+	    || (uint)rw_type > IO_PWRITE)
+		goto err_rw_file_exact;
+
 	while (1) {
 	
 		/* Prevent theoretical overflow */
-- 
cgit v1.2.1