Edward O'Callaghan submitted this change.

View Change

Approvals: build bot (Jenkins): Verified Sam McNally: Looks good to me, approved Daniel Campello: Looks good to me, but someone else must approve Peter Marheine: Looks good to me, but someone else must approve Anastasia Klimchuk: Looks good to me, but someone else must approve 
programmer.h: Convert anon union to anon struct

Convert the anon union of registered masters in the mst
field of the flashctx to a anon struct. If we are going
to dereference a pointer there in an undefined way we
should crash and not plow ahead with invalid memory.

The user of the registered_masters type is therefore
responsible for querying the buses_supported field before
attempting to dereference a ptr field in the anon struct.

BUG=b:175849641
TEST=`flashrom -p internal --flash-name`

Change-Id: I576967a8599b923c902e39f177f39146291cc242
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/50246
Reviewed-by: Anastasia Klimchuk <aklm@chromium.org>
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-by: Daniel Campello <campello@chromium.org>
Reviewed-by: Sam McNally <sammc@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
---
M opaque.c
M programmer.c
M programmer.h
M spi.c
4 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/opaque.c b/opaque.c
index 276934f..e3103c8 100644
--- a/opaque.c
+++ b/opaque.c
@@ -48,7 +48,7 @@
 
 int register_opaque_master(const struct opaque_master *mst)
 {
-	struct registered_master rmst;
+	struct registered_master rmst = {0};
 
 	if (!mst->probe || !mst->read || !mst->write || !mst->erase) {
 		msg_perr("%s called with incomplete master definition. "
diff --git a/programmer.c b/programmer.c
index bee60e3..42ea2e3 100644
--- a/programmer.c
+++ b/programmer.c
@@ -83,7 +83,8 @@
 int register_par_master(const struct par_master *mst,
 			    const enum chipbustype buses)
 {
-	struct registered_master rmst;
+	struct registered_master rmst = {0};
+
 	if (!mst->chip_writeb || !mst->chip_writew || !mst->chip_writel ||
 	    !mst->chip_writen || !mst->chip_readb || !mst->chip_readw ||
 	    !mst->chip_readl || !mst->chip_readn) {
diff --git a/programmer.h b/programmer.h
index 29a100b..675a259 100644
--- a/programmer.h
+++ b/programmer.h
@@ -749,7 +749,7 @@
 int register_par_master(const struct par_master *mst, const enum chipbustype buses);
 struct registered_master {
 	enum chipbustype buses_supported;
-	union {
+	struct {
 		struct par_master par;
 		struct spi_master spi;
 		struct opaque_master opaque;
diff --git a/spi.c b/spi.c
index aed2a92..aa245d7 100644
--- a/spi.c
+++ b/spi.c
@@ -133,7 +133,7 @@
 
 int register_spi_master(const struct spi_master *mst)
 {
-	struct registered_master rmst;
+	struct registered_master rmst = {0};
 
 	if (!mst->write_aai || !mst->write_256 || !mst->read || !mst->command ||
 	    !mst->multicommand ||

To view, visit change 50246. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: I576967a8599b923c902e39f177f39146291cc242
Gerrit-Change-Number: 50246
Gerrit-PatchSet: 5
Gerrit-Owner: Edward O'Callaghan <quasisec@chromium.org>
Gerrit-Reviewer: Alan Green <avg@google.com>
Gerrit-Reviewer: Anastasia Klimchuk <aklm@chromium.org>
Gerrit-Reviewer: Angel Pons <th3fanbus@gmail.com>
Gerrit-Reviewer: Daniel Campello <campello@chromium.org>
Gerrit-Reviewer: Edward O'Callaghan <quasisec@chromium.org>
Gerrit-Reviewer: Nico Huber <nico.h@gmx.de>
Gerrit-Reviewer: Peter Marheine <pmarheine@chromium.org>
Gerrit-Reviewer: Sam McNally <sammc@google.com>
Gerrit-Reviewer: Stefan Reinauer <stefan.reinauer@coreboot.org>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Paul Menzel <paulepanter@mailbox.org>
Gerrit-MessageType: merged