John Zhao has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/33101
Change subject: src/device: Prevent attack on null pointer dereference ......................................................................
src/device: Prevent attack on null pointer dereference
Clang Static Analyzer version 8.0.0 detects access to field dev results in a dereference of a null pointer which is loaded from variable bus. Add sanity check for pointer bus to prevent null pointer dereference.
TEST=Built and boot up to kernel.
Change-Id: I084906c33065eaa834f50c545efcfab620658ec9 Signed-off-by: John Zhao john.zhao@intel.com --- M src/device/device.c 1 file changed, 6 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/01/33101/1
diff --git a/src/device/device.c b/src/device/device.c index 1b4255b..5edc173 100644 --- a/src/device/device.c +++ b/src/device/device.c @@ -340,6 +340,9 @@ resource_t base; base = round(bridge->base, bridge->align);
+ if (!base) + return; + printk(BIOS_SPEW, "%s %s: base: %llx size: %llx align: %d gran: %d" " limit: %llx\n", dev_path(bus->dev), resource2str(bridge), base, bridge->size, bridge->align, @@ -484,6 +487,9 @@ resource_t base; base = bridge->base;
+ if (!base) + return; + printk(BIOS_SPEW, "%s %s: base:%llx size:%llx align:%d gran:%d " "limit:%llx\n", dev_path(bus->dev), resource2str(bridge),
Hello build bot (Jenkins),
I'd like you to reexamine a change. Please visit
https://review.coreboot.org/c/coreboot/+/33101
to look at the new patch set (#2).
Change subject: src/device: Prevent attack on null pointer dereference ......................................................................
src/device: Prevent attack on null pointer dereference
Clang Static Analyzer version 8.0.0 detects access to field dev results in a dereference of a null pointer which is loaded from variable bus. Add sanity check for pointer bus to prevent null pointer dereference.
TEST=Built and boot up to kernel.
Change-Id: I084906c33065eaa834f50c545efcfab620658ec9 Signed-off-by: John Zhao john.zhao@intel.com --- M src/device/device.c 1 file changed, 6 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/01/33101/2
Lijian Zhao has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/33101 )
Change subject: src/device: Prevent attack on null pointer dereference ......................................................................
Patch Set 2: Code-Review+2
Patrick Georgi has submitted this change and it was merged. ( https://review.coreboot.org/c/coreboot/+/33101 )
Change subject: src/device: Prevent attack on null pointer dereference ......................................................................
src/device: Prevent attack on null pointer dereference
Clang Static Analyzer version 8.0.0 detects access to field dev results in a dereference of a null pointer which is loaded from variable bus. Add sanity check for pointer bus to prevent null pointer dereference.
TEST=Built and boot up to kernel.
Change-Id: I084906c33065eaa834f50c545efcfab620658ec9 Signed-off-by: John Zhao john.zhao@intel.com Reviewed-on: https://review.coreboot.org/c/coreboot/+/33101 Tested-by: build bot (Jenkins) no-reply@coreboot.org Reviewed-by: Lijian Zhao lijian.zhao@intel.com --- M src/device/device.c 1 file changed, 6 insertions(+), 0 deletions(-)
Approvals: build bot (Jenkins): Verified Lijian Zhao: Looks good to me, approved
diff --git a/src/device/device.c b/src/device/device.c index 1b4255b..17cd8f4 100644 --- a/src/device/device.c +++ b/src/device/device.c @@ -340,6 +340,9 @@ resource_t base; base = round(bridge->base, bridge->align);
+ if (!bus) + return; + printk(BIOS_SPEW, "%s %s: base: %llx size: %llx align: %d gran: %d" " limit: %llx\n", dev_path(bus->dev), resource2str(bridge), base, bridge->size, bridge->align, @@ -484,6 +487,9 @@ resource_t base; base = bridge->base;
+ if (!bus) + return; + printk(BIOS_SPEW, "%s %s: base:%llx size:%llx align:%d gran:%d " "limit:%llx\n", dev_path(bus->dev), resource2str(bridge),
-
John Zhao (Code Review) -
Lijian Zhao (Code Review)
-
Patrick Georgi (Code Review)