Hello,

Hope you are doing well, I am Prakhar Agrawal, currently pursuing Electronics and Communications Engineering from Amrita Vishwa Vidhyapeetham Amritapuri. (2019-2022).

For the past  1 year, I have been working with startups to design and develop low latency embedded devices and have also been actively involved in running and managing the bi0s students club(India's best CTF team)

While going through different organizations for GSOC 2022, I found Flashrom, and it caught my interest. 

I was trying to get familiar with the flashrom code-base through easy projects listed here

I had a few queries in 'Fix issues found by scan-build':-
  • In serprog.c,
    function 
    static int sp_stream_buffer_op( ),
     if (!sp) {
    msg_perr("Error: cannot malloc command buffer\n");
    return 1;
    }
    sp is a pointer, in which a block of memory is being allocated, but in this function,  if (!sp) i.e pointer is not null, i.e the memory has been allocated, then why should there be an error message?
  • While fixing the error generated from the error report, null was being passed to memcpy, here
    if (sp_stream_buffer_op(S_CMD_O_EXEC, 0, NULL) != 0)
    to try and fix this issue, I updated the function definition
    static int sp_stream_buffer_op(uint8_t cmd, uint32_t parmlen, uint8_t *parms){
    uint8_t *sp;
    if (sp_automatic_cmdcheck(cmd))
    return 1;
    sp = malloc(1 + parmlen);
    if (!sp) {
    msg_perr("Error: cannot malloc command buffer\n");
    return 1;
    }
    sp[0] = cmd;
    /*
    * Fixed: Added an If block to check the parameter length,
    * if parameter length is 0 i.e- param is NULL return 1,
    * else do memcpy
    */
    if(parmlen==0){
    //memcpy(&(sp[1]),0, parmlen);
    msg_perr("Error: Cannot pass Empty parameter\n");
    return 1;
    }
    else{
    memcpy(&(sp[1]),parms, parmlen);
    }
    The above changes fixed the error of null value being passed, but now I am getting a memory leak error.

    Can someone guide me in the right direction on how to fix it? 

    Hoping for a quick and positive response.
Warm Regards
Prakhar Agrawal