diff options
| author | Randall Spangler <rspangler@chromium.org> | 2016-09-02 12:10:31 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-09-06 22:02:13 -0700 |
| commit | 1589f94dc19b4f6613993ced9f25048aa9cbef18 (patch) | |
| tree | 48e7d3d5d6ec5e1ffdf7bda0f3b9c31becfaa4c0 | |
| parent | f7559e4b4652134b1e15de3ce31ee50a3de00f69 (diff) | |
| download | vboot-1589f94dc19b4f6613993ced9f25048aa9cbef18.tar.gz | |
Fix coverity warnings in firmware
Assorted minor code issues, which we should fix so any new errors stand
out more.
BUG=chromium:643769
BRANCH=none
TEST=make runtests
Change-Id: I84182df0d0e222f4f60206c621ec62e1ee283adb
Signed-off-by: Randall Spangler <rspangler@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/380697
Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
| -rw-r--r-- | firmware/bdb/host.c | 1 | ||||
| -rw-r--r-- | firmware/lib/gpt_misc.c | 17 | ||||
| -rw-r--r-- | firmware/lib/tpm_lite/tlcl.c | 2 | ||||
| -rw-r--r-- | firmware/lib/vboot_api_kernel.c | 33 | ||||
| -rw-r--r-- | firmware/lib/vboot_common.c | 8 | ||||
| -rw-r--r-- | firmware/stub/vboot_api_stub_init.c | 2 |
6 files changed, 37 insertions, 26 deletions
diff --git a/firmware/bdb/host.c b/firmware/bdb/host.c index 68a62803..62b2c410 100644 --- a/firmware/bdb/host.c +++ b/firmware/bdb/host.c @@ -123,6 +123,7 @@ struct bdb_key *bdb_create_key(const char *filename, } else { fprintf(stderr, "%s: bad key size from %s\n", __func__, filename); + free(kdata); return NULL; } key_size += kdata_size; diff --git a/firmware/lib/gpt_misc.c b/firmware/lib/gpt_misc.c index c9b71701..3957cb89 100644 --- a/firmware/lib/gpt_misc.c +++ b/firmware/lib/gpt_misc.c @@ -123,13 +123,20 @@ int AllocAndReadGptData(VbExDiskHandle_t disk_handle, GptData *gptdata) int WriteAndFreeGptData(VbExDiskHandle_t disk_handle, GptData *gptdata) { int skip_primary = 0; - GptHeader *header = (GptHeader *)gptdata->primary_header; - uint64_t entries_bytes = - (uint64_t)header->number_of_entries - * header->size_of_entry; - uint64_t entries_sectors = entries_bytes / gptdata->sector_bytes; + GptHeader *header; + uint64_t entries_bytes, entries_sectors; int ret = 1; + header = (GptHeader *)gptdata->primary_header; + if (!header) + header = (GptHeader *)gptdata->secondary_header; + if (!header) + return 1; /* No headers at all, so nothing to write */ + + entries_bytes = (uint64_t)header->number_of_entries + * header->size_of_entry; + entries_sectors = entries_bytes / gptdata->sector_bytes; + /* * TODO(namnguyen): Preserve padding between primary GPT header and * its entries. diff --git a/firmware/lib/tpm_lite/tlcl.c b/firmware/lib/tpm_lite/tlcl.c index bf2d27f9..78944314 100644 --- a/firmware/lib/tpm_lite/tlcl.c +++ b/firmware/lib/tpm_lite/tlcl.c @@ -223,6 +223,8 @@ uint32_t TlclRead(uint32_t index, void* data, uint32_t length) { if (result == TPM_SUCCESS && length > 0) { uint8_t* nv_read_cursor = response + kTpmResponseHeaderLength; FromTpmUint32(nv_read_cursor, &result_length); + if (result_length > length) + result_length = length; /* Truncate to fit buffer */ nv_read_cursor += sizeof(uint32_t); Memcpy(data, nv_read_cursor, result_length); } diff --git a/firmware/lib/vboot_api_kernel.c b/firmware/lib/vboot_api_kernel.c index 90703a90..4aa2fbdc 100644 --- a/firmware/lib/vboot_api_kernel.c +++ b/firmware/lib/vboot_api_kernel.c @@ -1081,6 +1081,22 @@ VbError_t VbSelectAndLoadKernel(VbCommonParams *cparams, VbExNvStorageRead(vnc.raw); VbNvSetup(&vnc); + /* Fill in params for calls to LoadKernel() */ + Memset(&p, 0, sizeof(p)); + p.shared_data_blob = cparams->shared_data_blob; + p.shared_data_size = cparams->shared_data_size; + p.gbb_data = cparams->gbb_data; + p.gbb_size = cparams->gbb_size; + p.fwmp = &fwmp; + p.nv_context = &vnc; + + /* + * This could be set to NULL, in which case the vboot header + * information about the load address and size will be used. + */ + p.kernel_buffer = kparams->kernel_buffer; + p.kernel_buffer_size = kparams->kernel_buffer_size; + /* Clear output params in case we fail */ kparams->disk_handle = NULL; kparams->partition_number = 0; @@ -1169,22 +1185,7 @@ VbError_t VbSelectAndLoadKernel(VbCommonParams *cparams, } } - /* Fill in params for calls to LoadKernel() */ - Memset(&p, 0, sizeof(p)); - p.shared_data_blob = cparams->shared_data_blob; - p.shared_data_size = cparams->shared_data_size; - p.gbb_data = cparams->gbb_data; - p.gbb_size = cparams->gbb_size; - p.fwmp = &fwmp; - - /* - * This could be set to NULL, in which case the vboot header - * information about the load address and size will be used. - */ - p.kernel_buffer = kparams->kernel_buffer; - p.kernel_buffer_size = kparams->kernel_buffer_size; - - p.nv_context = &vnc; + /* Set up boot flags */ p.boot_flags = 0; if (shared->flags & VBSD_BOOT_DEV_SWITCH_ON) p.boot_flags |= BOOT_FLAG_DEVELOPER; diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index 3535952f..49929151 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -419,14 +419,14 @@ int VerifyVmlinuzInsideKBlob(uint64_t kblob, uint64_t kblob_size, uint64_t VbSharedDataReserve(VbSharedDataHeader *header, uint64_t size) { - uint64_t offs = header->data_used; - - VBDEBUG(("VbSharedDataReserve %d bytes at %d\n", (int)size, (int)offs)); - if (!header || size > header->data_size - header->data_used) { VBDEBUG(("VbSharedData buffer out of space.\n")); return 0; /* Not initialized, or not enough space left. */ } + + uint64_t offs = header->data_used; + VBDEBUG(("VbSharedDataReserve %d bytes at %d\n", (int)size, (int)offs)); + header->data_used += size; return offs; } diff --git a/firmware/stub/vboot_api_stub_init.c b/firmware/stub/vboot_api_stub_init.c index 34387837..214387a2 100644 --- a/firmware/stub/vboot_api_stub_init.c +++ b/firmware/stub/vboot_api_stub_init.c @@ -24,7 +24,7 @@ static char fmtbuf[MAX_FMT+1]; static const char *fixfmt(const char *format) { int i; - for(i=0; i<MAX_FMT && format[i]; i++) { + for(i=0; i<sizeof(fmtbuf)-1 && format[i]; i++) { fmtbuf[i] = format[i]; if(format[i] == '%' && format[i+1] == 'L') { fmtbuf[i+1] = 'l'; |