Edward O'Callaghan has submitted this change. ( https://review.coreboot.org/c/flashrom/+/50246 )

Change subject: programmer.h: Convert anon union to anon struct ......................................................................

programmer.h: Convert anon union to anon struct

Convert the anon union of registered masters in the mst field of the flashctx to a anon struct. If we are going to dereference a pointer there in an undefined way we should crash and not plow ahead with invalid memory.

The user of the registered_masters type is therefore responsible for querying the buses_supported field before attempting to dereference a ptr field in the anon struct.

BUG=b:175849641 TEST=`flashrom -p internal --flash-name`

Change-Id: I576967a8599b923c902e39f177f39146291cc242 Signed-off-by: Edward O'Callaghan quasisec@google.com Reviewed-on: https://review.coreboot.org/c/flashrom/+/50246 Reviewed-by: Anastasia Klimchuk aklm@chromium.org Reviewed-by: Peter Marheine pmarheine@chromium.org Reviewed-by: Daniel Campello campello@chromium.org Reviewed-by: Sam McNally sammc@google.com Tested-by: build bot (Jenkins) no-reply@coreboot.org --- M opaque.c M programmer.c M programmer.h M spi.c 4 files changed, 5 insertions(+), 4 deletions(-)

Approvals: build bot (Jenkins): Verified Sam McNally: Looks good to me, approved Daniel Campello: Looks good to me, but someone else must approve Peter Marheine: Looks good to me, but someone else must approve Anastasia Klimchuk: Looks good to me, but someone else must approve

diff --git a/opaque.c b/opaque.c index 276934f..e3103c8 100644 --- a/opaque.c +++ b/opaque.c @@ -48,7 +48,7 @@

int register_opaque_master(const struct opaque_master *mst) { - struct registered_master rmst; + struct registered_master rmst = {0};

if (!mst->probe || !mst->read || !mst->write || !mst->erase) { msg_perr("%s called with incomplete master definition. " diff --git a/programmer.c b/programmer.c index bee60e3..42ea2e3 100644 --- a/programmer.c +++ b/programmer.c @@ -83,7 +83,8 @@ int register_par_master(const struct par_master *mst, const enum chipbustype buses) { - struct registered_master rmst; + struct registered_master rmst = {0}; + if (!mst->chip_writeb || !mst->chip_writew || !mst->chip_writel || !mst->chip_writen || !mst->chip_readb || !mst->chip_readw || !mst->chip_readl || !mst->chip_readn) { diff --git a/programmer.h b/programmer.h index 29a100b..675a259 100644 --- a/programmer.h +++ b/programmer.h @@ -749,7 +749,7 @@ int register_par_master(const struct par_master *mst, const enum chipbustype buses); struct registered_master { enum chipbustype buses_supported; - union { + struct { struct par_master par; struct spi_master spi; struct opaque_master opaque; diff --git a/spi.c b/spi.c index aed2a92..aa245d7 100644 --- a/spi.c +++ b/spi.c @@ -133,7 +133,7 @@

int register_spi_master(const struct spi_master *mst) { - struct registered_master rmst; + struct registered_master rmst = {0};

if (!mst->write_aai || !mst->write_256 || !mst->read || !mst->command || !mst->multicommand ||