On Tue, Dec 17, 2024 at 07:12:20AM -0500, Hans Zhang wrote:
> The return type of the API is inconsistent. Inconsistencies may
> result in out-of-bounds. If the bar size of the EP device exceeds
> 4G, this bar_Size will be equal to 0.
>
> For example, there is an EP device, the bar0 size is 16MB, bar1
> size is 32MB, bar2 size is 8GB. When testing bar2, barno equals
> BAR2. Then run pcitest -b 2, console will output "TEST FAILED".
>
> Variable declaration of bar_size is int, the range less than or
> equal 2G. The return value of pci_resource_len is resource_size_t.
>
> Signed-off-by: Hans Zhang <18255117159@xxxxxxx>
> ---
> drivers/misc/pci_endpoint_test.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/drivers/misc/pci_endpoint_test.c b/drivers/misc/pci_endpoint_test.c
> index 3aaaf47fa4ee..414c4e55fb0a 100644
> --- a/drivers/misc/pci_endpoint_test.c
> +++ b/drivers/misc/pci_endpoint_test.c
> @@ -280,10 +280,11 @@ static int pci_endpoint_test_bar_memcmp(struct pci_endpoint_test *test,
> static bool pci_endpoint_test_bar(struct pci_endpoint_test *test,
> enum pci_barno barno)
> {
> - int j, bar_size, buf_size, iters, remain;
> void *write_buf __free(kfree) = NULL;
> void *read_buf __free(kfree) = NULL;
> struct pci_dev *pdev = test->pdev;
> + int j, buf_size, iters, remain;
> + resource_size_t bar_size;
>
> if (!test->bar[barno])
> return false;
> --
> 2.17.1
>
Reviewed-by: Niklas Cassel <cassel@xxxxxxxxxx>
