Martin Roth merged this change.


Approvals:
  build bot (Jenkins): Verified
  Paul Menzel: Looks good to me, but someone else must approve
  HAOUAS Elyes: Looks good to me, approved

arch/x86: Use ssize_t to store length

size_t is the wrong type to store the return value of
acpi_device_path_fill(), since any negative error values will be
converted to a very large unsigned integer and potentially cause
buffer overflow.

Change-Id: Ia8ed62ecfac8eaa18a61545bd203b3c7a7cd9ca5
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1402095
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33962
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: HAOUAS Elyes <ehaouas@noos.fr>
Reviewed-by: Paul Menzel <paulepanter@users.sourceforge.net>
---
M src/arch/x86/acpi_device.c
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/arch/x86/acpi_device.c b/src/arch/x86/acpi_device.c
index 57fbc89..0fb8f3b 100644
--- a/src/arch/x86/acpi_device.c
+++ b/src/arch/x86/acpi_device.c
@@ -148,7 +148,7 @@
const char *acpi_device_path_join(struct device *dev, const char *name)
{
static char buf[DEVICE_PATH_MAX] = {};
- size_t len;
+ ssize_t len;

if (!dev)
return NULL;
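
Review bot: the switch to `ssize_t len;` only closes the overflow if the value returned by acpi_device_path_fill() is tested with `len < 0` before it is used as an offset or size into `buf`, and the context shown here ends at the `if (!dev)` check, so that test is not visible. Please confirm it exists further down in acpi_device_path_join(). Also check that no later comparison puts `len` against an unsigned expression such as `sizeof(buf)` before the sign check, since the usual arithmetic conversions would turn a negative `len` back into a very large unsigned value and reintroduce the problem the commit message describes. A short comment at the declaration noting that negative values are error codes would make the reason for the signed type clear to future readers.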


Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: Ia8ed62ecfac8eaa18a61545bd203b3c7a7cd9ca5
Gerrit-Change-Number: 33962
Gerrit-PatchSet: 2
Gerrit-Owner: Jacob Garber <jgarber1@ualberta.ca>
Gerrit-Reviewer: David Hendricks <david.hendricks@gmail.com>
Gerrit-Reviewer: HAOUAS Elyes <ehaouas@noos.fr>
Gerrit-Reviewer: Jacob Garber <jgarber1@ualberta.ca>
Gerrit-Reviewer: Martin Roth <martinroth@google.com>
Gerrit-Reviewer: Patrick Georgi <pgeorgi@google.com>
Gerrit-Reviewer: Paul Menzel <paulepanter@users.sourceforge.net>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-MessageType: merged