Change in ...coreboot[master]: src/cpu/x86: Check pointer processor_name_start before dereference
John Zhao has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/33232
Change subject: src/cpu/x86: Check pointer processor_name_start before dereference ......................................................................
src/cpu/x86: Check pointer processor_name_start before dereference
Clang Static Analyzer version 8.0.0 detects the left operand of '==' is a garbage value if pointer processor_name_start is NULL. Add sanity check for processor_name_start before dereference.
TEST=Built and boot up to kernel.
Change-Id: I1f831a8661a4686d306b8217655942934102ea16 Signed-off-by: John Zhao john.zhao@intel.com --- M src/cpu/x86/name/name.c 1 file changed, 3 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/32/33232/1
diff --git a/src/cpu/x86/name/name.c b/src/cpu/x86/name/name.c index fc360cd..44a1cf0 100644 --- a/src/cpu/x86/name/name.c +++ b/src/cpu/x86/name/name.c @@ -37,6 +37,9 @@
/* Skip leading spaces. */ processor_name_start = (char *)name_as_ints; + if (!processor_name_start) + return; + while (*processor_name_start == ' ') processor_name_start++;
Arthur Heymans has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/33232 )
Change subject: src/cpu/x86: Check pointer processor_name_start before dereference ......................................................................
Patch Set 1:
(1 comment)
https://review.coreboot.org/#/c/33232/1/src/cpu/x86/name/name.c File src/cpu/x86/name/name.c:
https://review.coreboot.org/#/c/33232/1/src/cpu/x86/name/name.c@39 PS1, Line 39: name_as_ints how can this ever be NULL?
Hello Balaji Manigandan, Lijian Zhao, build bot (Jenkins), Martin Roth,
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/33232
to look at the new patch set (#2).
Change subject: src/cpu/x86: Check pointer processor_name_start before dereference ......................................................................
src/cpu/x86: Check pointer processor_name_start before dereference
Clang Static Analyzer version 8.0.0 detects the left operand of '==' is a garbage value if pointer processor_name_start is NULL. Add sanity check for processor_name_start before dereference.
TEST=Built and boot up to kernel.
Change-Id: I1f831a8661a4686d306b8217655942934102ea16 Signed-off-by: John Zhao john.zhao@intel.com --- M src/cpu/x86/name/name.c 1 file changed, 4 insertions(+), 1 deletion(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/32/33232/2
John Zhao has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/33232 )
Change subject: src/cpu/x86: Check pointer processor_name_start before dereference ......................................................................
Patch Set 2:
(1 comment)
https://review.coreboot.org/#/c/33232/1/src/cpu/x86/name/name.c File src/cpu/x86/name/name.c:
https://review.coreboot.org/#/c/33232/1/src/cpu/x86/name/name.c@39 PS1, Line 39: name_as_ints
how can this ever be NULL?
Moved the check after processor_name_start++ operation.
Arthur Heymans has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/33232 )
Change subject: src/cpu/x86: Check pointer processor_name_start before dereference ......................................................................
Patch Set 2:
(1 comment)
https://review.coreboot.org/#/c/33232/2/src/cpu/x86/name/name.c File src/cpu/x86/name/name.c:
https://review.coreboot.org/#/c/33232/2/src/cpu/x86/name/name.c@40 PS2, Line 40: processor_name_start I think clang is misleading here. You just want to make sure you're not dereferencing somthing outside the memory allocated for name_as_ints.
John Zhao has abandoned this change. ( https://review.coreboot.org/c/coreboot/+/33232 )
Change subject: src/cpu/x86: Check pointer processor_name_start before dereference ......................................................................
Abandoned
-
Arthur Heymans (Code Review) -
John Zhao (Code Review)