John Zhao has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/33101
Change subject: src/device: Prevent attack on null pointer dereference ......................................................................
src/device: Prevent attack on null pointer dereference
Clang Static Analyzer version 8.0.0 detects access to field dev results in a dereference of a null pointer which is loaded from variable bus. Add sanity check for pointer bus to prevent null pointer dereference.
TEST=Built and boot up to kernel.
Change-Id: I084906c33065eaa834f50c545efcfab620658ec9 Signed-off-by: John Zhao john.zhao@intel.com --- M src/device/device.c 1 file changed, 6 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/01/33101/1
diff --git a/src/device/device.c b/src/device/device.c index 1b4255b..5edc173 100644 --- a/src/device/device.c +++ b/src/device/device.c @@ -340,6 +340,9 @@ resource_t base; base = round(bridge->base, bridge->align);
+ if (!base) + return; + printk(BIOS_SPEW, "%s %s: base: %llx size: %llx align: %d gran: %d" " limit: %llx\n", dev_path(bus->dev), resource2str(bridge), base, bridge->size, bridge->align, @@ -484,6 +487,9 @@ resource_t base; base = bridge->base;
+ if (!base) + return; + printk(BIOS_SPEW, "%s %s: base:%llx size:%llx align:%d gran:%d " "limit:%llx\n", dev_path(bus->dev), resource2str(bridge),