[U-Boot] [PATCH] bootm.c: Correct the flush_len used in bootm_load_os()
Simon Glass
sjg at chromium.org
Wed May 2 14:27:06 UTC 2018
On 1 May 2018 at 10:32, Tom Rini <trini at konsulko.com> wrote:
> In do_bootm_states when doing BOOTM_STATE_LOADOS we use load_end
> uninitialized and Coverity notes this now. This however leads down
> another interesting path. We pass this pointer to bootm_load_os and
> that in turn uses this uninitialized value immediately to calculate the
> flush length, and is wrong. We do not know what load_end will be until
> after bootm_decomp_image is called, so we must only set flush_len after
> that. All of this also makes it clear that the only reason we pass a
> pointer for load_end to bootm_load_os is so that we can call lmb_reserve
> on success. Rather than initialize load_end to 0 in do_bootm_states we
> can just call lmb_reserve ourself.
>
> Reported-by: Coverity (CID: 175572)
> Cc: Simon Glass <sjg at chromium.org>
> Signed-off-by: Tom Rini <trini at konsulko.com>
> ---
> common/bootm.c | 26 ++++++++++++--------------
> 1 file changed, 12 insertions(+), 14 deletions(-)
Looks better to me.
Reviewed-by: Simon Glass <sjg at chromium.org>
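
The ordering problem the commit message describes, as an added example that is not U-Boot code and not part of the patch: a flush length derived from load_end before decompression has set it. The names decomp_image, flush_len_before, flush_len_after and load_area are hypothetical, and the leftover value is passed in explicitly as stale_off because reading a truly uninitialized variable is undefined behaviour in C.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IMG_LEN 16                                 /* constructed payload size */
static const uint8_t image[IMG_LEN] = { 0xde, 0xad };  /* constructed sample data */
static uint8_t load_area[64];                      /* stands in for the load address */

/* Hypothetical stand-in for bootm_decomp_image(): writes the image and
 * only then reports where it ends. */
static int decomp_image(uintptr_t *load_end)
{
    memcpy(load_area, image, IMG_LEN);
    *load_end = (uintptr_t)load_area + IMG_LEN;
    return 0;
}

/* Before: the flush length is taken from load_end ahead of the
 * decompression that sets it. stale_off models the leftover value. */
size_t flush_len_before(size_t stale_off)
{
    uintptr_t load_end = (uintptr_t)load_area + stale_off; /* "uninitialized" */
    size_t flush_len = load_end - (uintptr_t)load_area;    /* computed too early */

    if (decomp_image(&load_end))
        return 0;
    return flush_len;          /* unrelated to the bytes actually written */
}

/* After: load_end is set by decompression first, then used. */
size_t flush_len_after(void)
{
    uintptr_t load_end;

    if (decomp_image(&load_end))
        return 0;
    return load_end - (uintptr_t)load_area;
}

int main(void)
{
    printf("before: %zu bytes flushed\n", flush_len_before(4096));
    printf("after:  %zu bytes flushed\n", flush_len_after());
    return 0;
}
```

With a stale value of 0 the early calculation flushes nothing, and with a large one it flushes far past the image, which is why the length has to be computed after decompression.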