Attention is currently required from: Angel Pons, Light, Anastasia Klimchuk.
Patch set 16:Code-Review +1
View Change
1 comment:
File ich_descriptors.c:
Patch Set #14, Line 501: for (j = 0; j < (size_t)min(num_regions, 12); j++)
That was a question for Edward :) Let's wait for reply. […]
Not sure why you don't believe it is the max bounds in this case? Anastasia, the number of regions is initialised to 10 and 16 above but that isn't the *max* bound for the loop.
I am not overly concerned about the identifier name, `max_region_index` or something will do, the structure of the code is more important imho. The main thing here is that the static analyzer is alluding to a area of code that has a possibly overflow generally indicates poor structure that allows such subtle bugs to emerge.
To view, visit change 62764. To unsubscribe, or for help writing mail filters, visit settings.
Gerrit-Project: flashrom
Gerrit-Branch: master
Gerrit-Change-Id: I5921cc571f3dca5188ca1973dba6ececbcbe2f39
Gerrit-Change-Number: 62764
Gerrit-PatchSet: 16
Gerrit-Owner: Light <aarya.chaumal@gmail.com>
Gerrit-Reviewer: Anastasia Klimchuk <aklm@chromium.org>
Gerrit-Reviewer: Angel Pons <th3fanbus@gmail.com>
Gerrit-Reviewer: Edward O'Callaghan <quasisec@chromium.org>
Gerrit-Reviewer: Nico Huber <nico.h@gmx.de>
Gerrit-Reviewer: build bot (Jenkins) <no-reply@coreboot.org>
Gerrit-CC: Paul Menzel <paulepanter@mailbox.org>
Gerrit-Attention: Angel Pons <th3fanbus@gmail.com>
Gerrit-Attention: Light <aarya.chaumal@gmail.com>
Gerrit-Attention: Anastasia Klimchuk <aklm@chromium.org>
Gerrit-Comment-Date: Wed, 30 Mar 2022 01:31:13 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Comment-In-Reply-To: Edward O'Callaghan <quasisec@chromium.org>
Comment-In-Reply-To: Light <aarya.chaumal@gmail.com>
Comment-In-Reply-To: Anastasia Klimchuk <aklm@chromium.org>
Gerrit-MessageType: comment