Eric Lee / smarc-uboot

Download as
Browse Code »

Commit 54f1792c8df1dba9cd41d811a7860ddd417f634e

Authored by Tom Rini
1 parent 78eda89e9a
Exists in smarc_8mq_lf_v2020.04 and in 17 other branches 8qm-imx_v2020.04_5.4.70_2.3.0, emb_lf_v2022.04, pitx_8mp_lf_v2020.04, smarc-8m-android-10.0.0_2.6.0, smarc-8m-android-11.0.0_2.0.0, smarc-8mp-android-11.0.0_2.0.0, smarc-imx6_v2018.03_4.14.98_2.0.0_ga, smarc-imx7_v2018.03_4.14.98_2.0.0_ga, smarc-imx_v2018.03_4.14.78_1.0.0_ga, smarc_8m-imx_v2018.03_4.14.98_2.0.0_ga, smarc_8m-imx_v2019.04_4.19.35_1.1.0, smarc_8m_00d0-imx_v2018.03_4.14.98_2.0.0_ga, smarc_8mm-imx_v2018.03_4.14.98_2.0.0_ga, smarc_8mm-imx_v2019.04_4.19.35_1.1.0, smarc_8mm-imx_v2020.04_5.4.24_2.1.0, smarc_8mp_lf_v2020.04, smarc_8mq-imx_v2020.04_5.4.24_2.1.0

mtdparts: Fix various issues reported by Coverity 

Now that sandbox is building cmd/mtdparts.c Coverity has looked at the
code and found a number of issues.  In index_partitions() it is possible
that part will be NULL, so re-work the checks and debug statements to
take this into account.  We have a number of string buffers that we
print to in the exact size of, and use string functions on, so we need
to ensure they are large enough to be NULL terminated.  In
device_parse() it is not possible for num_partitions to be 0 (we would
have hit a different error first) so remove logically dead code.
Finally, in parse_mtdparts() if we have an error we need to free the
memory allocated to dev.

Cc: Lothar Waßmann <LW@KARO-electronics.de>
Cc: Maxime Ripard <maxime.ripard@free-electrons.com>
Reported-by: Coverity (CID: 166334, 166333, 166332, 166329, 166328)
Signed-off-by: Tom Rini <trini@konsulko.com>

Showing 1 changed file with 18 additions and 15 deletions Side-by-side Diff

... ... @@ -133,9 +133,9 @@
133 133 #define MTDIDS_MAXLEN 128
134 134 #define MTDPARTS_MAXLEN 512
135 135 #define PARTITION_MAXLEN 16
136   -static char last_ids[MTDIDS_MAXLEN];
137   -static char last_parts[MTDPARTS_MAXLEN];
138   -static char last_partition[PARTITION_MAXLEN];
  136 +static char last_ids[MTDIDS_MAXLEN + 1];
  137 +static char last_parts[MTDPARTS_MAXLEN + 1];
  138 +static char last_partition[PARTITION_MAXLEN + 1];
139 139  
140 140 /* low level jffs2 cache cleaning routine */
141 141 extern void jffs2_free_cache(struct part_info *part);
142 142  
143 143  
... ... @@ -240,15 +240,22 @@
240 240 if (dev == current_mtd_dev) {
241 241 mtddevnum += current_mtd_partnum;
242 242 env_set_ulong("mtddevnum", mtddevnum);
  243 + debug("=> mtddevnum %d,\n", mtddevnum);
243 244 break;
244 245 }
245 246 mtddevnum += dev->num_parts;
246 247 }
247 248  
248 249 part = mtd_part_info(current_mtd_dev, current_mtd_partnum);
249   - env_set("mtddevname", part->name);
  250 + if (part) {
  251 + env_set("mtddevname", part->name);
250 252  
251   - debug("=> mtddevnum %d,\n=> mtddevname %s\n", mtddevnum, part->name);
  253 + debug("=> mtddevname %s\n", part->name);
  254 + } else {
  255 + env_set("mtddevname", NULL);
  256 +
  257 + debug("=> mtddevname NULL\n");
  258 + }
252 259 } else {
253 260 env_set("mtddevnum", NULL);
254 261 env_set("mtddevname", NULL);
... ... @@ -912,12 +919,6 @@
912 919 return 1;
913 920 }
914 921  
915   - if (num_parts == 0) {
916   - printf("no partitions for device %s%d (%s)\n",
917   - MTD_DEV_TYPE(id->type), id->num, id->mtd_id);
918   - return 1;
919   - }
920   -
921 922 debug("\ntotal partitions: %d\n", num_parts);
922 923  
923 924 /* check for next device presence */
924 925  
... ... @@ -1593,8 +1594,10 @@
1593 1594 list_add_tail(&dev->link, &devices);
1594 1595 err = 0;
1595 1596 }
1596   - if (err == 1)
  1597 + if (err == 1) {
  1598 + free(dev);
1597 1599 device_delall(&devices);
  1600 + }
1598 1601  
1599 1602 return err;
1600 1603 }
... ... @@ -1730,9 +1733,9 @@
1730 1733 if (!initialized) {
1731 1734 INIT_LIST_HEAD(&mtdids);
1732 1735 INIT_LIST_HEAD(&devices);
1733   - memset(last_ids, 0, MTDIDS_MAXLEN);
1734   - memset(last_parts, 0, MTDPARTS_MAXLEN);
1735   - memset(last_partition, 0, PARTITION_MAXLEN);
  1736 + memset(last_ids, 0, sizeof(last_ids));
  1737 + memset(last_parts, 0, sizeof(last_parts));
  1738 + memset(last_partition, 0, sizeof(last_partition));
1736 1739 #if defined(CONFIG_SYS_MTDPARTS_RUNTIME)
1737 1740 board_mtdparts_default(&mtdids_default, &mtdparts_default);
1738 1741 #endif