[PATCH V2 18/30] imx: hab: Fix coverity issue in HAB event decoding

Peng Fan (OSS) peng.fan at oss.nxp.com
Thu Jun 15 12:09:15 CEST 2023


From: Ye Li <ye.li at nxp.com>

Fix below coverity issues caused by get_idx function where "-1" is
compared with uint8_t "element"
343336 Unsigned compared with neg
343337 Operands don't affect result

Additional, this function returns "-1" will cause overflow to
event string array.

Reviewed-by: Peng Fan <peng.fan at nxp.com>
Signed-off-by: Ye Li <ye.li at nxp.com>
Signed-off-by: Peng Fan <peng.fan at nxp.com>
---
 arch/arm/mach-imx/hab.c | 41 ++++++++++++++++++++++-------------------
 1 file changed, 22 insertions(+), 19 deletions(-)

diff --git a/arch/arm/mach-imx/hab.c b/arch/arm/mach-imx/hab.c
index c6747b257c4..de8fcc7c27d 100644
--- a/arch/arm/mach-imx/hab.c
+++ b/arch/arm/mach-imx/hab.c
@@ -289,9 +289,10 @@ static char *rsn_str[] = {
 };
 
 static char *sts_str[] = {
-			  "STS = HAB_SUCCESS (0xF0)\n",
+			  "STS = HAB_STS_ANY (0x00)\n",
 			  "STS = HAB_FAILURE (0x33)\n",
 			  "STS = HAB_WARNING (0x69)\n",
+			  "STS = HAB_SUCCESS (0xF0)\n",
 			  "STS = INVALID\n",
 			  NULL
 };
@@ -336,8 +337,7 @@ static uint8_t hab_statuses[5] = {
 	HAB_STS_ANY,
 	HAB_FAILURE,
 	HAB_WARNING,
-	HAB_SUCCESS,
-	-1
+	HAB_SUCCESS
 };
 
 static uint8_t hab_reasons[26] = {
@@ -365,8 +365,7 @@ static uint8_t hab_reasons[26] = {
 	HAB_UNS_ITEM,
 	HAB_UNS_KEY,
 	HAB_UNS_PROTOCOL,
-	HAB_UNS_STATE,
-	-1
+	HAB_UNS_STATE
 };
 
 static uint8_t hab_contexts[12] = {
@@ -380,8 +379,7 @@ static uint8_t hab_contexts[12] = {
 	HAB_CTX_COMMAND,
 	HAB_CTX_AUT_DAT,
 	HAB_CTX_ASSERT,
-	HAB_CTX_EXIT,
-	-1
+	HAB_CTX_EXIT
 };
 
 static uint8_t hab_engines[16] = {
@@ -399,30 +397,35 @@ static uint8_t hab_engines[16] = {
 	HAB_ENG_ROM,
 	HAB_ENG_HDCP,
 	HAB_ENG_RTL,
-	HAB_ENG_SW,
-	-1
+	HAB_ENG_SW
 };
 
-static inline uint8_t get_idx(uint8_t *list, uint8_t tgt)
+static inline u32 get_idx(u8 *list, u8 tgt, u32 size)
 {
-	uint8_t idx = 0;
-	uint8_t element = list[idx];
-	while (element != -1) {
+	u32 idx = 0;
+	u8 element;
+
+	while (idx < size) {
+		element = list[idx];
 		if (element == tgt)
 			return idx;
-		element = list[++idx];
+		++idx;
 	}
-	return -1;
+	return idx;
 }
 
 static void process_event_record(uint8_t *event_data, size_t bytes)
 {
 	struct record *rec = (struct record *)event_data;
 
-	printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0])]);
-	printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1])]);
-	printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2])]);
-	printf("%s", eng_str[get_idx(hab_engines, rec->contents[3])]);
+	printf("\n\n%s", sts_str[get_idx(hab_statuses, rec->contents[0],
+	       ARRAY_SIZE(hab_statuses))]);
+	printf("%s", rsn_str[get_idx(hab_reasons, rec->contents[1],
+	       ARRAY_SIZE(hab_reasons))]);
+	printf("%s", ctx_str[get_idx(hab_contexts, rec->contents[2],
+	       ARRAY_SIZE(hab_contexts))]);
+	printf("%s", eng_str[get_idx(hab_engines, rec->contents[3],
+	       ARRAY_SIZE(hab_engines))]);
 }
 
 static void display_event(uint8_t *event_data, size_t bytes)
-- 
2.40.0



More information about the U-Boot mailing list