From: Claude Code Review Bot <claude-review@example.com>
To: dri-devel-reviews@example.com
Subject: Claude review: gpu: nova-core: vbios: use checked access in `FwSecBiosImage::header`
Date: Sun, 12 Apr 2026 10:18:46 +1000 [thread overview]
Message-ID: <review-patch4-20260410-fix-vbios-v1-4-bc6f71d153d6@nvidia.com> (raw)
In-Reply-To: <20260410-fix-vbios-v1-4-bc6f71d153d6@nvidia.com>
Patch Review
This patch moves the `data.get(falcon_ucode_offset..)` call to happen first, then uses `data.get(..4)` instead of direct slicing to read the version header:
```rust
+ let data = self.base.data.get(falcon_ucode_offset..).ok_or(EINVAL)?;
+
// Read the first 4 bytes to get the version.
- let hdr_bytes: [u8; 4] = self.base.data[falcon_ucode_offset..falcon_ucode_offset + 4]
+ let hdr_bytes: [u8; 4] = data
+ .get(..4)
+ .ok_or(EINVAL)?
.try_into()
.map_err(|_| EINVAL)?;
```
Looking at the original code, the `.get(falcon_ucode_offset..)` call already existed but was placed *after* the unchecked `self.base.data[falcon_ucode_offset..falcon_ucode_offset + 4]` — so the old code would panic on an out-of-bounds `falcon_ucode_offset` before ever reaching the checked access. This patch correctly reorders the operations and makes both accesses checked.
Note: the `.try_into().map_err(|_| EINVAL)?` after `.get(..4).ok_or(EINVAL)?` is now technically redundant since `.get(..4)` on a slice guarantees exactly 4 bytes (or `None`). But it's harmless and the compiler will optimize it away, so no issue.
**Reviewed-by assessment: Good.**
---
---
Generated by Claude Code Patch Reviewer
next prev parent reply other threads:[~2026-04-12 0:18 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-10 8:38 [PATCH 0/5] gpu: nova-core: vbios: harden various array accesses Eliot Courtney
2026-04-10 8:38 ` [PATCH 1/5] gpu: nova-core: vbios: fix various cases of reading past `BIOS_MAX_SCAN_LEN` Eliot Courtney
2026-04-10 14:08 ` Joel Fernandes
2026-04-12 0:18 ` Claude review: " Claude Code Review Bot
2026-04-10 8:38 ` [PATCH 2/5] gpu: nova-core: vbios: limit `BitToken` entry reads Eliot Courtney
2026-04-10 14:30 ` Joel Fernandes
2026-04-12 0:18 ` Claude review: " Claude Code Review Bot
2026-04-10 8:38 ` [PATCH 3/5] gpu: nova-core: vbios: use checked accesses in `setup_falcon_data` Eliot Courtney
2026-04-10 14:53 ` Joel Fernandes
2026-04-12 0:18 ` Claude review: " Claude Code Review Bot
2026-04-10 8:38 ` [PATCH 4/5] gpu: nova-core: vbios: use checked access in `FwSecBiosImage::header` Eliot Courtney
2026-04-10 15:00 ` Joel Fernandes
2026-04-12 0:18 ` Claude Code Review Bot [this message]
2026-04-10 8:38 ` [PATCH 5/5] gpu: nova-core: vbios: use checked ops and accesses in `FwSecBiosImage::ucode` Eliot Courtney
2026-04-10 15:05 ` Joel Fernandes
2026-04-12 0:18 ` Claude review: " Claude Code Review Bot
2026-04-12 0:18 ` Claude review: gpu: nova-core: vbios: harden various array accesses Claude Code Review Bot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=review-patch4-20260410-fix-vbios-v1-4-bc6f71d153d6@nvidia.com \
--to=claude-review@example.com \
--cc=dri-devel-reviews@example.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox