Re: New Defects reported by Coverity Scan for Das U-Boot

[Tom Rini <trini@konsulko.com>]

[-- Attachment #1: Type: text/plain, Size: 1574 bytes --]

On Tue, Dec 09, 2025 at 01:06:28PM +0200, Adriana Nicolae wrote:

> Hello,
> 
> A possible fix for fdtdec.c tests would be to validate the fdt size
> before using it.
> All 3 tests in this file are using the same approach, if the previous tests were
> acceptable the newly added one has some identical parts.
> 
> If there is a way to test and fix all these 3 errors, I've put some
> changes which
> might be enough for Coverity to assume that the size of the fdt is safe. Let me
> know how I can test it or should I send an email to post it as a
> separate change?

Thanks. A frustrating thing to me with Coverity is I've never seen a way
to test if a change fixes a bug (if you *pay* for Coverity then you can
do many more runs, and also run it on CI test branches and not pollute
your main results I believe, is why). So we need to do it as a regular
patch.

> diff --git a/test/dm/fdtdec.c b/test/dm/fdtdec.c
> index ea5a494612c..a3c90d38115 100644
> --- a/test/dm/fdtdec.c
> +++ b/test/dm/fdtdec.c
> @@ -14,14 +14,21 @@
> 
>  DECLARE_GLOBAL_DATA_PTR;
> 
> +#define FDTDEC_MAX_SIZE  (2 * 1024 * 1024)
> +
>  static int dm_test_fdtdec_set_carveout(struct unit_test_state *uts)
>  {
>   struct fdt_memory resv;
>   void *blob;
>   const fdt32_t *prop;
> - int blob_sz, len, offset;
> + int blob_sz, len, offset, fdt_sz;
> +
> + fdt_sz = fdt_totalsize(gd->fdt_blob);
> + if (fdt_sz <= 0 || fdt_sz > FDTDEC_MAX_SIZE) {
> + return -EINVAL;
> + }

Since these are tests, can we ut_assertsomething here instead? Thanks!

-- 
Tom

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 228 bytes --]