[PATCH v4 0/2] Prevent use of unitialised variable vhdr

[PATCH v4 0/2] Prevent use of unitialised variable vhdr

[Andrew Goodbody]

Ensure that vhdr is initialised so that its value is never
accessed when not initialised.

Signed-off-by: Andrew Goodbody <andrew.goodbody@linaro.org>
---
Changes in v4:
- Fix another instance of the same bug
- Link to v3: https://lore.kernel.org/r/20250625-abootimg_fix-v3-1-9f302e96807d@linaro.org

Changes in v3:
- Just initialise the variable rather than exit early
- Link to v2: https://lore.kernel.org/r/20250625-abootimg_fix-v2-1-0d295dc1f1e2@linaro.org

Changes in v2:
- Add unmap_sysmem(hdr) in the new exit path
- Link to v1: https://lore.kernel.org/r/20250625-abootimg_fix-v1-1-ce1645ac9879@linaro.org

---
Andrew Goodbody (2):
      cmd: abootimg: Prevent use of unintialised variable
      boot: android: Prevent use of unintialised variable

 boot/image-android.c | 2 +-
 cmd/abootimg.c       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
---
base-commit: 903eb123236ccbd8ef05d43507a2a910b785bd56
change-id: 20250625-abootimg_fix-51600dc8356a

Best regards,
-- 
Andrew Goodbody <andrew.goodbody@linaro.org>

[PATCH v4 1/2] cmd: abootimg: Prevent use of unintialised variable

[Andrew Goodbody]

Initiaise vhdr to prevent its use when uninitialised.

This issue was found with Smatch.

Fixes: 636da2039aea (android: boot: support boot image header version 3 and 4)
Signed-off-by: Andrew Goodbody <andrew.goodbody@linaro.org>
---
 cmd/abootimg.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/cmd/abootimg.c b/cmd/abootimg.c
index ae7a1a7c83b..9ae87581d2c 100644
--- a/cmd/abootimg.c
+++ b/cmd/abootimg.c
@@ -95,7 +95,7 @@ static int abootimg_get_dtb_load_addr(int argc, char *const argv[])
 		return CMD_RET_USAGE;
 	struct andr_image_data img_data = {0};
 	const struct andr_boot_img_hdr_v0 *hdr;
-	const struct andr_vnd_boot_img_hdr *vhdr;
+	const struct andr_vnd_boot_img_hdr *vhdr = NULL;
 
 	hdr = map_sysmem(abootimg_addr(), sizeof(*hdr));
 	if (get_avendor_bootimg_addr() != -1)

-- 
2.39.5

[PATCH v4 2/2] boot: android: Prevent use of unintialised variable

[Andrew Goodbody]

Initialise vhdr to prevent its use when uninitialised.

This issue was found with Smatch.

Fixes: e058176be32b (android: boot: add vendor boot image to prepare for v3, v4 support)
Signed-off-by: Andrew Goodbody <andrew.goodbody@linaro.org>
---
 boot/image-android.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/boot/image-android.c b/boot/image-android.c
index 459cdb8456c..12bcf7e4fbd 100644
--- a/boot/image-android.c
+++ b/boot/image-android.c
@@ -677,7 +677,7 @@ bool android_image_get_dtb_by_index(ulong hdr_addr, ulong vendor_boot_img,
 {
 	struct andr_image_data img_data;
 	const struct andr_boot_img_hdr_v0 *hdr;
-	const struct andr_vnd_boot_img_hdr *vhdr;
+	const struct andr_vnd_boot_img_hdr *vhdr = NULL;
 
 	hdr = map_sysmem(hdr_addr, sizeof(*hdr));
 	if (vendor_boot_img != -1)

-- 
2.39.5

Re: [PATCH v4 1/2] cmd: abootimg: Prevent use of unintialised variable

[Mattijs Korpershoek]

Hi Andrew,

Thank you for the patch.

On Thu, Jun 26, 2025 at 17:38, Andrew Goodbody <andrew.goodbody@linaro.org> wrote:

> Initiaise vhdr to prevent its use when uninitialised.

s/Initiaise/Initialise/: will fix when applying.

>
> This issue was found with Smatch.
>
> Fixes: 636da2039aea (android: boot: support boot image header version 3 and 4)
> Signed-off-by: Andrew Goodbody <andrew.goodbody@linaro.org>
> ---
>  cmd/abootimg.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/cmd/abootimg.c b/cmd/abootimg.c
> index ae7a1a7c83b..9ae87581d2c 100644
> --- a/cmd/abootimg.c
> +++ b/cmd/abootimg.c
> @@ -95,7 +95,7 @@ static int abootimg_get_dtb_load_addr(int argc, char *const argv[])
>  		return CMD_RET_USAGE;
>  	struct andr_image_data img_data = {0};
>  	const struct andr_boot_img_hdr_v0 *hdr;
> -	const struct andr_vnd_boot_img_hdr *vhdr;
> +	const struct andr_vnd_boot_img_hdr *vhdr = NULL;
>  
>  	hdr = map_sysmem(abootimg_addr(), sizeof(*hdr));
>  	if (get_avendor_bootimg_addr() != -1)
>
> -- 
> 2.39.5

Re: [PATCH v4 2/2] boot: android: Prevent use of unintialised variable

[Mattijs Korpershoek]

Hi Andrew,

Thank you for the patch.

On Thu, Jun 26, 2025 at 17:38, Andrew Goodbody <andrew.goodbody@linaro.org> wrote:

> Initialise vhdr to prevent its use when uninitialised.
>
> This issue was found with Smatch.
>
> Fixes: e058176be32b (android: boot: add vendor boot image to prepare for v3, v4 support)
> Signed-off-by: Andrew Goodbody <andrew.goodbody@linaro.org>

Reviewed-by: Mattijs Korpershoek <mkorpershoek@kernel.org>

> ---
>  boot/image-android.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/boot/image-android.c b/boot/image-android.c
> index 459cdb8456c..12bcf7e4fbd 100644
> --- a/boot/image-android.c
> +++ b/boot/image-android.c
> @@ -677,7 +677,7 @@ bool android_image_get_dtb_by_index(ulong hdr_addr, ulong vendor_boot_img,
>  {
>  	struct andr_image_data img_data;
>  	const struct andr_boot_img_hdr_v0 *hdr;
> -	const struct andr_vnd_boot_img_hdr *vhdr;
> +	const struct andr_vnd_boot_img_hdr *vhdr = NULL;
>  
>  	hdr = map_sysmem(hdr_addr, sizeof(*hdr));
>  	if (vendor_boot_img != -1)
>
> -- 
> 2.39.5

Re: [PATCH v4 0/2] Prevent use of unitialised variable vhdr

[Mattijs Korpershoek]

Hi,

On Thu, 26 Jun 2025 17:38:53 +0100, Andrew Goodbody wrote:
> Ensure that vhdr is initialised so that its value is never
> accessed when not initialised.
> 
> 

Thanks, Applied to https://source.denx.de/u-boot/custodians/u-boot-dfu (u-boot-dfu-next)

[1/2] cmd: abootimg: Prevent use of unintialised variable
      https://source.denx.de/u-boot/custodians/u-boot-dfu/-/commit/4b9717c6868f2f98b02fbe87a885cfa48a5b9946
[2/2] boot: android: Prevent use of unintialised variable
      https://source.denx.de/u-boot/custodians/u-boot-dfu/-/commit/4b489f517366595cd3f003d4175e721bd927a18b

--
Mattijs