From: Claude Code Review Bot <claude-review@example.com>
To: dri-devel-reviews@example.com
Subject: Claude review: gpu: nova-core: vbios: limit `BitToken` entry reads
Date: Sun, 12 Apr 2026 10:18:46 +1000 [thread overview]
Message-ID: <review-patch2-20260410-fix-vbios-v1-2-bc6f71d153d6@nvidia.com> (raw)
In-Reply-To: <20260410-fix-vbios-v1-2-bc6f71d153d6@nvidia.com>
Patch Review
This patch adds a check that `header.token_size >= size_of::<BitToken>()` and replaces direct array indexing with `.get()` + `.ok_or(EINVAL)?`.
```rust
+ if entry_size < size_of::<BitToken>() {
+ return Err(EINVAL);
```
This is a correct and important check. If the firmware reports a `token_size` smaller than the `BitToken` struct (6 bytes), the old code would index out of bounds within each entry.
The refactored loop body:
```rust
+ let entry = image
+ .base
+ .data
+ .get(entry_offset..)
+ .and_then(|data| data.get(..entry_size))
+ .ok_or(EINVAL)?;
```
This is cleaner than the old bounds check + direct indexing. The subsequent access to `entry[0]` through `entry[5]` is safe because `entry_size >= size_of::<BitToken>()` (which is 6) was verified up front.
Minor: No error message or `dev_err!` is emitted when `entry_size < size_of::<BitToken>()`. The existing code also didn't emit a message for out-of-bounds, so this is consistent. A `dev_err!` might be helpful for debugging bad firmware in the field, but it's not mandatory.
**Reviewed-by assessment: Good.**
---
---
Generated by Claude Code Patch Reviewer
next prev parent reply other threads:[~2026-04-12 0:18 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-10 8:38 [PATCH 0/5] gpu: nova-core: vbios: harden various array accesses Eliot Courtney
2026-04-10 8:38 ` [PATCH 1/5] gpu: nova-core: vbios: fix various cases of reading past `BIOS_MAX_SCAN_LEN` Eliot Courtney
2026-04-10 14:08 ` Joel Fernandes
2026-04-12 0:18 ` Claude review: " Claude Code Review Bot
2026-04-10 8:38 ` [PATCH 2/5] gpu: nova-core: vbios: limit `BitToken` entry reads Eliot Courtney
2026-04-10 14:30 ` Joel Fernandes
2026-04-12 0:18 ` Claude Code Review Bot [this message]
2026-04-10 8:38 ` [PATCH 3/5] gpu: nova-core: vbios: use checked accesses in `setup_falcon_data` Eliot Courtney
2026-04-10 14:53 ` Joel Fernandes
2026-04-12 0:18 ` Claude review: " Claude Code Review Bot
2026-04-10 8:38 ` [PATCH 4/5] gpu: nova-core: vbios: use checked access in `FwSecBiosImage::header` Eliot Courtney
2026-04-10 15:00 ` Joel Fernandes
2026-04-12 0:18 ` Claude review: " Claude Code Review Bot
2026-04-10 8:38 ` [PATCH 5/5] gpu: nova-core: vbios: use checked ops and accesses in `FwSecBiosImage::ucode` Eliot Courtney
2026-04-10 15:05 ` Joel Fernandes
2026-04-12 0:18 ` Claude review: " Claude Code Review Bot
2026-04-12 0:18 ` Claude review: gpu: nova-core: vbios: harden various array accesses Claude Code Review Bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=review-patch2-20260410-fix-vbios-v1-2-bc6f71d153d6@nvidia.com \
--to=claude-review@example.com \
--cc=dri-devel-reviews@example.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox