New patch to review for coreboot: 89bc4f0 nvramtool: write size field more obviously - coreboot-gerrit

15 Nov 2013

Patrick Georgi (patrick@georgi-clan.de) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/4087
-gerrit
commit 89bc4f0fe77d7149c13ac96cf4d58efa303a7b43
Author: Patrick Georgi patrick@georgi-clan.de
Date:   Mon Nov 11 15:16:53 2013 +0100
nvramtool: write size field more obviously
The field wasn't initialized in RAM first and later overwritten in a somewhat
    twisted way (that relied on the size field coming after the tag field in the
    struct).
Change-Id: Ibe931b297df51e3c46ae163e059338781f5a27e2
    Found-by: Coverity Scan
    Signed-off-by: Patrick Georgi patrick@georgi-clan.de
---
 util/nvramtool/accessors/layout-bin.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/util/nvramtool/accessors/layout-bin.c b/util/nvramtool/accessors/layout-bin.c
index fd3e08c..4b7f8d6 100644
--- a/util/nvramtool/accessors/layout-bin.c
+++ b/util/nvramtool/accessors/layout-bin.c
@@ -112,6 +112,7 @@ int write_cmos_layout_bin(FILE *f)
    		sum += sizeof(table);
    		table.header_length = sizeof(table);
    		table.tag = LB_TAG_CMOS_OPTION_TABLE;
+			table.size = 0;
if (fwrite((char *)&table, sizeof(table), 1, f) != 1) {
    			perror("Error writing image file");
@@ -187,12 +188,13 @@ int write_cmos_layout_bin(FILE *f)
    	goto err;
    }
-	if (fseek(f, sizeof(table.tag), SEEK_SET) != 0) {
+	if (fseek(f, 0, SEEK_SET) != 0) {
    	perror("Error while seeking");
    	goto err;
    }
-	if (fwrite((char *)&sum, sizeof(table.tag), 1, f) != 1) {
+	table.size = sum;
+	if (fwrite((char *)&table, sizeof(table), 1, f) != 1) {
    	perror("Error writing image file");
    	goto err;
    }

    