devicetree.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* [bug report] scripts/dtc: Update to upstream version v1.5.0-23-g87963ee20693
@ 2019-06-26 10:07 Dan Carpenter
  0 siblings, 0 replies; only message in thread
From: Dan Carpenter @ 2019-06-26 10:07 UTC (permalink / raw)
  To: robh; +Cc: devicetree

Hello Rob Herring,

The patch 9bb9c6a110ea: "scripts/dtc: Update to upstream version
v1.5.0-23-g87963ee20693" from Jun 12, 2019, leads to the following
static checker warning:

	./scripts/dtc/libfdt/fdt_addresses.c:74 fdt_appendprop_addrrange()
	warn: integer overflow (literal): u32max + 1

./scripts/dtc/libfdt/fdt_addresses.c
    54  /* This function assumes that [address|size]_cells is 1 or 2 */
    55  int fdt_appendprop_addrrange(void *fdt, int parent, int nodeoffset,
    56                               const char *name, uint64_t addr, uint64_t size)
    57  {
    58          int addr_cells, size_cells, ret;
    59          uint8_t data[sizeof(fdt64_t) * 2], *prop;
    60  
    61          ret = fdt_address_cells(fdt, parent);
    62          if (ret < 0)
    63                  return ret;
    64          addr_cells = ret;
    65  
    66          ret = fdt_size_cells(fdt, parent);
    67          if (ret < 0)
    68                  return ret;
    69          size_cells = ret;
    70  
    71          /* check validity of address */
    72          prop = data;
    73          if (addr_cells == 1) {
    74                  if ((addr > UINT32_MAX) || ((UINT32_MAX + 1 - addr) < size))
                                                     ^^^^^^^^^^^^^^
UINT32_MAX + 1 is just zero.

    75                          return -FDT_ERR_BADVALUE;
    76  
    77                  fdt32_st(prop, (uint32_t)addr);
    78          } else if (addr_cells == 2) {
    79                  fdt64_st(prop, addr);
    80          } else {
    81                  return -FDT_ERR_BADNCELLS;
    82          }
    83  
    84          /* check validity of size */
    85          prop += addr_cells * sizeof(fdt32_t);
    86          if (size_cells == 1) {
    87                  if (size > UINT32_MAX)
    88                          return -FDT_ERR_BADVALUE;
    89  
    90                  fdt32_st(prop, (uint32_t)size);
    91          } else if (size_cells == 2) {
    92                  fdt64_st(prop, size);
    93          } else {
    94                  return -FDT_ERR_BADNCELLS;
    95          }

regards,
dan carpenter

^ permalink raw reply	[flat|nested] only message in thread
only message in thread, other threads:[~2019-06-26 10:07 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-06-26 10:07 [bug report] scripts/dtc: Update to upstream version v1.5.0-23-g87963ee20693 Dan Carpenter

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).