diff options
| author | Sandrine Bailleux <sandrine.bailleux@arm.com> | 2016-06-28 16:48:30 +0100 |
|---|---|---|
| committer | Sandrine Bailleux <sandrine.bailleux@arm.com> | 2016-07-25 12:57:42 +0100 |
| commit | 3a26a28c72c089636d5b7e4194d3bc049932531f (patch) | |
| tree | 1353f4981ba19ed2ee692ba90e39d56df80e1e52 | |
| parent | 9d24d353e6d1882ec7a5df99cb374165fe001e56 (diff) | |
| download | platform_external_arm-trusted-firmware-3a26a28c72c089636d5b7e4194d3bc049932531f.tar.gz platform_external_arm-trusted-firmware-3a26a28c72c089636d5b7e4194d3bc049932531f.tar.bz2 platform_external_arm-trusted-firmware-3a26a28c72c089636d5b7e4194d3bc049932531f.zip | |
Make runtime_svc_init() function more robust
- Added some debug assertions checking that the runtime services
indexes computed by get_unique_oen() are sane.
- Do not print the name of the service when its descriptor is
invalid. If the descriptor is corrupted then its name field
could be corrupted as well and we would end up reading an
arbitrary amount of invalid memory.
Change-Id: I16f61065277d01fe1555d5a9cf743f7b52ccaa60
| -rw-r--r-- | common/runtime_svc.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/common/runtime_svc.c b/common/runtime_svc.c index 39300c84c..7a5855b64 100644 --- a/common/runtime_svc.c +++ b/common/runtime_svc.c @@ -107,8 +107,8 @@ void runtime_svc_init(void) */ rc = validate_rt_svc_desc(service); if (rc) { - ERROR("Invalid runtime service descriptor %p (%s)\n", - (void *) service, service->name); + ERROR("Invalid runtime service descriptor %p\n", + (void *) service); panic(); } @@ -136,8 +136,10 @@ void runtime_svc_init(void) */ start_idx = get_unique_oen(rt_svc_descs[index].start_oen, service->call_type); + assert(start_idx < MAX_RT_SVCS); end_idx = get_unique_oen(rt_svc_descs[index].end_oen, service->call_type); + assert(end_idx < MAX_RT_SVCS); for (; start_idx <= end_idx; start_idx++) rt_svc_descs_indices[start_idx] = index; } |