Skip to content

Commit

Permalink
ipc3: check alignment of ext data
Browse files Browse the repository at this point in the history
Sizes are not currently checked for alignment, this can generated
unaligned pointers for aligned types which is undefined behaviour.

Signed-off-by: Curtis Malainey <cujomalainey@chromium.org>
  • Loading branch information
cujomalainey committed Sep 10, 2024
1 parent 17c15fc commit d798b96
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions src/ipc/ipc3/helper.c
Original file line number Diff line number Diff line change
Expand Up @@ -80,6 +80,7 @@ static const struct comp_driver *get_drv(struct sof_ipc_comp *comp)
const struct comp_driver *drv = NULL;
struct comp_driver_info *info;
struct sof_ipc_comp_ext *comp_ext;
uintptr_t offset;
k_spinlock_key_t key;

/* do we have extended data ? */
Expand Down Expand Up @@ -112,9 +113,13 @@ static const struct comp_driver *get_drv(struct sof_ipc_comp *comp)
goto out;
}

comp_ext = (struct sof_ipc_comp_ext *)
((uint8_t *)comp + comp->hdr.size -
comp->ext_data_length);
offset = comp->hdr.size - comp->ext_data_length;
if ((offset & 0x3) != 0) {
tr_err(&comp_tr, "Invalid ext data offset %lx", offset);
goto out;
}

comp_ext = (struct sof_ipc_comp_ext *)((uint8_t *)comp + offset);

/* UUID is first item in extended data - check its big enough */
if (comp->ext_data_length < UUID_SIZE) {
Expand Down

0 comments on commit d798b96

Please sign in to comment.