From: Tom Rini Date: Sat, 7 Oct 2017 15:27:59 +0000 (-0400) Subject: cmd/gpt.c, cmd/nvedit.c, tools/fit_image.c: Rework recent fixes for Coverity X-Git-Url: http://git.dujemihanovic.xyz/?a=commitdiff_plain;h=bf52fcdef4aac242b5e6b6b9827acf6d69ce1951;p=u-boot.git cmd/gpt.c, cmd/nvedit.c, tools/fit_image.c: Rework recent fixes for Coverity The recent changes to these files did not completely fix the previous issues, or introduced different (minor) issues. In cmd/gpt.c we need to dereference str_disk_guid to be sure that malloc worked. In cmd/nvedit.c we need to be careful that we can also fit in that leading space when adding to the string. And in tools/fit_image.c we need to re-work the error handling slightly in fit_import_data() so that we only call munmap() once. We have two error paths here, one where we have an fd to close and one where we do not. Adjust labels to match this. Reported-by: Coverity (CID: 167366, 167367, 167370) Signed-off-by: Tom Rini --- diff --git a/cmd/gpt.c b/cmd/gpt.c index 9e04affc06..27dd98755a 100644 --- a/cmd/gpt.c +++ b/cmd/gpt.c @@ -402,7 +402,7 @@ static int set_gpt_info(struct blk_desc *dev_desc, if (!val) { #ifdef CONFIG_RANDOM_UUID *str_disk_guid = malloc(UUID_STR_LEN + 1); - if (str_disk_guid == NULL) + if (*str_disk_guid == NULL) return -ENOMEM; gen_rand_uuid_str(*str_disk_guid, UUID_STR_FORMAT_STD); #else diff --git a/cmd/nvedit.c b/cmd/nvedit.c index 8752ff475a..90f76bbc20 100644 --- a/cmd/nvedit.c +++ b/cmd/nvedit.c @@ -393,7 +393,7 @@ int do_env_ask(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) sprintf(message, "Please enter '%s': ", argv[1]); } else { /* env_ask envname message1 ... messagen [size] */ - for (i = 2, pos = 0; i < argc && pos < sizeof(message); i++) { + for (i = 2, pos = 0; i < argc && pos+1 < sizeof(message); i++) { if (pos) message[pos++] = ' '; diff --git a/tools/fit_image.c b/tools/fit_image.c index c6026567f3..30257b178e 100644 --- a/tools/fit_image.c +++ b/tools/fit_image.c @@ -537,21 +537,21 @@ static int fit_import_data(struct image_tool_params *params, const char *fname) fprintf(stderr, "%s: Failed to allocate memory (%d bytes)\n", __func__, size); ret = -ENOMEM; - goto err; + goto err_has_fd; } ret = fdt_open_into(old_fdt, fdt, size); if (ret) { debug("%s: Failed to expand FIT: %s\n", __func__, fdt_strerror(errno)); ret = -EINVAL; - goto err; + goto err_has_fd; } images = fdt_path_offset(fdt, FIT_IMAGES_PATH); if (images < 0) { debug("%s: Cannot find /images node: %d\n", __func__, images); ret = -EINVAL; - goto err; + goto err_has_fd; } for (node = fdt_first_subnode(fdt, images); @@ -572,11 +572,11 @@ static int fit_import_data(struct image_tool_params *params, const char *fname) debug("%s: Failed to write property: %s\n", __func__, fdt_strerror(ret)); ret = -EINVAL; - goto err; + goto err_has_fd; } } - munmap(old_fdt, sbuf.st_size); + /* Close the old fd so we can re-use it. */ close(fd); /* Pack the FDT and place the data after it */ @@ -589,22 +589,23 @@ static int fit_import_data(struct image_tool_params *params, const char *fname) if (fd < 0) { fprintf(stderr, "%s: Can't open %s: %s\n", params->cmdname, fname, strerror(errno)); - free(fdt); - return -EIO; + ret = -EIO; + goto err_no_fd; } if (write(fd, fdt, new_size) != new_size) { debug("%s: Failed to write external data to file %s\n", __func__, strerror(errno)); ret = -EIO; - goto err; + goto err_has_fd; } ret = 0; -err: +err_has_fd: + close(fd); +err_no_fd: munmap(old_fdt, sbuf.st_size); free(fdt); - close(fd); return ret; }