faultplugin: fix TB range comparison off-by-one

Fraunhofer-AISEC · Mar 16, 2023 · 75ac996 · 75ac996
1 parent e5a0ca4
commit 75ac996
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/faultplugin/faultplugin.c b/faultplugin/faultplugin.c
@@ -940,7 +940,7 @@ void handle_tb_translate_event(struct qemu_plugin_tb *tb)
 	/**Verify, that no trigger is called*/
 	for( int i = 0; i < fault_number; i++)
 	{
-		if((tb->vaddr <= *(fault_trigger_addresses + i))&&((tb->vaddr + tb_size) >= *(fault_trigger_addresses + i)))
+		if((tb->vaddr <= *(fault_trigger_addresses + i))&&((tb->vaddr + tb_size) > *(fault_trigger_addresses + i)))
 		{
 			g_autoptr(GString) out = g_string_new("");
 			g_string_printf(out, "Met trigger address: %lx\n", *(fault_trigger_addresses + i) );
@@ -1041,7 +1041,7 @@ static void vcpu_translateblock_translation_event(qemu_plugin_id_t id, struct qe
 			{
 				size_t tb_size = calculate_bytesize_instructions(tb);
 				qemu_plugin_outs("[End]: Check endpoint\n");
-				if((tb->vaddr <= cur->location.address)&&((tb->vaddr + tb_size) >= cur->location.address))
+				if((tb->vaddr <= cur->location.address)&&((tb->vaddr + tb_size) > cur->location.address))
 				{
 					for(int i = 0; i < tb->n; i++)
 					{