Remove possible overflow during conversion

martin-hughes · martin-hughes · commit a6de1171adbe · 2026-04-14T22:02:50.000+01:00
diff --git a/src/aml/mod.rs b/src/aml/mod.rs
@@ -3386,4 +3386,7 @@ pub enum AmlError {
     /// This variant is set by the host, not by the library, and can be used when it is convenient
     /// not to construct a more complex error type around [`AmlError`].
     HostError(String),
+
+    /// An integer operation was attempted for an integer greater than 8 bytes long.
+    InvalidIntegerSize(usize),
 }
diff --git a/src/aml/object.rs b/src/aml/object.rs
@@ -208,6 +208,11 @@ impl Object {
     ///
     /// To avoid the cast, use [`Object::as_integer`] instead.
     pub fn to_integer(&self, allowed_bytes: usize) -> Result<u64, AmlError> {
+        // This check shouldn't hit, but it protects the `to_interpret` buffer below from panicking.
+        if allowed_bytes > size_of::<u64>() {
+            return Err(AmlError::InvalidIntegerSize(allowed_bytes));
+        }
+
         match self {
             Object::Integer(value) => Ok(*value),
             Object::Buffer(bytes) => {
@@ -243,7 +248,11 @@ impl Object {
             Object::BufferField { .. } => {
                 let mut buffer = [0u8; 8];
                 self.read_buffer_field(&mut buffer)?;
-                Ok(u64::from_le_bytes(buffer) % (1 << (allowed_bytes as u64 * 8)))
+                let mut result = u64::from_le_bytes(buffer);
+                if allowed_bytes < 8 {
+                    result &= (1 << (allowed_bytes as u64 * 8)) - 1;
+                }
+                Ok(result)
             }
             _ => Err(AmlError::InvalidOperationOnObject { op: Operation::ToInteger, typ: self.typ() })?,
         }
@@ -578,4 +587,17 @@ mod tests {
 
         assert_eq!(buffer_field.to_integer(4).unwrap(), 0);
     }
+
+    #[test]
+    fn buffer_field_to_8_byte_integer() {
+        const BUFFER: [u8; 6] = [0x0f, 0x00, 0x00, 0x00, 0xf0, 0xff];
+        let buffer = Object::Buffer(Vec::from(BUFFER)).wrap();
+        let buffer_field = Object::BufferField {
+            buffer,
+            offset: 4,
+            length: 36,
+        };
+
+        assert_eq!(buffer_field.to_integer(8).unwrap(), 0x0000000f_00000000);
+    }
 }

Original file line number	Diff line number	Diff line change
`@@ -3386,4 +3386,7 @@ pub enum AmlError {`
`3386`	`3386`	`/// This variant is set by the host, not by the library, and can be used when it is convenient`
`3387`	`3387`	/// not to construct a more complex error type around [`AmlError`].
`3388`	`3388`	`HostError(String),`
	`3389`	`+`
	`3390`	`+ /// An integer operation was attempted for an integer greater than 8 bytes long.`
	`3391`	`+ InvalidIntegerSize(usize),`
`3389`	`3392`	`}`