Skip to content

Commit 170221b

Browse files
wanda-phiDaniel Kiper
authored andcommitted
mmap/mmap: Fix integer overflow in binary search
The integer overflow triggered for simple masks in the "badram" command, such as "badram 0x0000000012340000,0xfffffffffffffff8". This resulted in an infinite loop, locking up the machine. Signed-off-by: Wanda Phinode <wanda@phinode.net> Reviewed-by: Vladimir Serbinenko <phcoder@gmail.com> Reviewed-by: Sudhakar Kuppusamy <sudhakar@linux.ibm.com> Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
1 parent eaa3b8f commit 170221b

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

grub-core/mmap/mmap.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -409,7 +409,7 @@ badram_iter (grub_uint64_t addr, grub_uint64_t size,
409409
*/
410410
while (high - low > 1)
411411
{
412-
cur = (low + high) / 2;
412+
cur = low + (high - low) / 2;
413413
if (fill_mask (entry, cur) >= addr)
414414
high = cur;
415415
else

0 commit comments

Comments
 (0)