From c953228bb002059faa92b9e000303099d80b9091 Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Tue, 10 Mar 2026 14:15:34 +0000
Subject: util/nvmutil: fix possible overflow: gbe_x_offset

preventative fix, since the values are currently
quite tiny. this new check is the same, but goes
the other way to eliminate overflow.

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 util/nvmutil/nvmutil.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'util')

diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index 5de1f35f..0101888e 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -1318,7 +1318,7 @@ gbe_x_offset(size_t p, const char *f_op, const char *d_type,
 
 	off = ((off_t)p) * (off_t)nsize;
 
-	if (off + GBE_PART_SIZE > ncmp)
+	if (off > ncmp - GBE_PART_SIZE)
 		err(errno, "%s: GbE %s %s out of bounds",
 		    fname, d_type, f_op);
 
-- 
cgit v1.2.1