Changeset b391affc in rtems


Ignore:
Timestamp:
May 6, 2021, 8:06:02 AM (7 weeks ago)
Author:
G S Niteesh Babu <niteesh.gs@…>
Branches:
master
Children:
c46d125
Parents:
2c5199b
git-author:
G S Niteesh Babu <niteesh.gs@…> (05/06/21 08:06:02)
git-committer:
Vijay Kumar Banerjee <vijay@…> (05/06/21 22:44:38)
Message:

bsps/shared/ofw: Fix coverity defects

This patch adds asserts to fix coverity defects
1) CID 1474437 (Out-of-bounds access)
2) CID 1474436 (Out-of-bounds access)

From manual inspection, out of bounds access cannot occur due to
bounds checking but coverity fails to detect the checks.
We are adding asserts as a secondary check.

File:
1 edited

Legend:

Unmodified
Added
Removed
  • bsps/shared/ofw/ofw.c

    r2c5199b rb391affc  
    4343#include <rtems/sysinit.h>
    4444#include <ofw/ofw_test.h>
     45#include <rtems/score/assert.h>
    4546
    4647static void *fdtp = NULL;
     
    187188  int offset;
    188189  int len;
     190  int copy_len;
    189191  uint32_t cpuid;
    190192
     
    227229  }
    228230
    229   bcopy(prop, buf, MIN(len, bufsize));
     231  copy_len = MIN(len, bufsize);
     232  _Assert(copy_len <= bufsize);
     233  memmove(buf, prop, copy_len);
    230234
    231235  return len;
     
    638642        range.size = fdt32_to_cpu(ptr[j].size);
    639643
     644        /**
     645         * (buf + size - (sizeof(buf[0]) - 1) is the last valid
     646         * address for buf[i]. If buf[i] points to any address larger
     647         * than this, it will be an out of bound access
     648         */
     649        _Assert(&buf[i] < (buf + size - (sizeof(buf[0]) - 1)));
    640650        if (buf[i].start >= range.child_bus &&
    641651            buf[i].start < range.child_bus + range.size) {
Note: See TracChangeset for help on using the changeset viewer.