[U-Boot] bootm.c: Correct the flush_len used in bootm_load_os()

Tom Rini trini at konsulko.com
Wed May 9 01:31:37 UTC 2018


On Tue, May 01, 2018 at 12:32:37PM -0400, Tom Rini wrote:

> In do_bootm_states when doing BOOTM_STATE_LOADOS we use load_end
> uninitialized and Coverity notes this now.  This however leads down
> another interesting path.  We pass this pointer to bootm_load_os and
> that in turn uses this uninitialized value immediately to calculate the
> flush length, and is wrong.  We do not know what load_end will be until
> after bootm_decomp_image is called, so we must only set flush_len after
> that.  All of this also makes it clear that the only reason we pass a
> pointer for load_end to bootm_load_os is so that we can call lmb_reserve
> on success.  Rather than initialize load_end to 0 in do_bootm_states we
> can just call lmb_reserve ourselves.
> 
> Reported-by: Coverity (CID: 175572)
> Cc: Simon Glass <sjg at chromium.org>
> Signed-off-by: Tom Rini <trini at konsulko.com>
> Reviewed-by: Simon Glass <sjg at chromium.org>

Applied to u-boot/master, thanks!

-- 
Tom
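
The ordering problem described in the quoted commit message, as an added example that is not part of the original mail and is not U-Boot source. It is a simplified model: `model_decomp`, `load_os_before`, `load_os_after`, the `ram` buffer, the 64-byte line size and the reservation variables are all hypothetical, and the "before" variant reads a caller-supplied stale value so that the run is deterministic, where the real code read an uninitialized one.

```c
#include <stdio.h>
#include <string.h>
#define CACHE_LINE 64UL                      /* assumed line size for the model */
#define ALIGN_UP(x, a)   (((x) + (a) - 1) & ~((a) - 1))
#define ALIGN_DOWN(x, a) ((x) & ~((a) - 1))
static unsigned char ram[4096];              /* constructed stand-in for RAM */
static unsigned long reserved_base, reserved_size; /* models a reservation */

/* Stand-in for decompression: load_end is only known once this returns. */
static int model_decomp(unsigned long load, const void *img, size_t len,
                        unsigned long *load_end)
{
    if (load > sizeof(ram) || len > sizeof(ram) - load)
        return -1;
    memcpy(ram + load, img, len);
    *load_end = load + len;
    return 0;
}

/* Before: flush length taken from *load_end before anything has set it. */
static unsigned long load_os_before(unsigned long load, const void *img,
                                    size_t len, unsigned long *load_end)
{
    unsigned long flush_start = ALIGN_DOWN(load, CACHE_LINE);
    unsigned long flush_len = *load_end - flush_start;  /* caller's stale value */
    if (model_decomp(load, img, len, load_end))
        return 0;                            /* 0 means the load failed */
    return ALIGN_UP(flush_len, CACHE_LINE);
}

/* After: load_end is a local read only after decompression; reserve here. */
static unsigned long load_os_after(unsigned long load, const void *img, size_t len)
{
    unsigned long flush_start = ALIGN_DOWN(load, CACHE_LINE), load_end;
    if (model_decomp(load, img, len, &load_end))
        return 0;                            /* 0 means the load failed */
    reserved_base = load;
    reserved_size = load_end - load;
    return ALIGN_UP(load_end - flush_start, CACHE_LINE);
}

int main(void)
{
    unsigned char img[100] = {0};            /* constructed image */
    unsigned long stale = 0x1000;            /* constructed leftover value */
    printf("before=%lu ", load_os_before(0x110, img, sizeof(img), &stale));
    printf("after=%lu\n", load_os_after(0x110, img, sizeof(img)));
    return 0;
}
```

With the same 100-byte image at the same address, the "before" variant sizes the flush from whatever the caller's variable happened to hold, while the "after" variant sizes it from the end address the decompression step produced.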