[PATCH 3/4] spl: atf: Fix potential but not occurring bug
Massimo Pegorer
massimo.pegorer+oss at gmail.com
Sat Sep 16 10:24:57 CEST 2023
Bug: function spl_fit_images_get_entry() returns the uninitialized
variable val if both fit_image_get_entry() and fit_image_get_load() fail
(note that neither of them sets val on failure). Fix: use val only if the
entry or load address has been retrieved successfully.
Note: in the real world a failure of fit_image_get_load() will cause the
current SPL flow to break while loading images, see spl_load_fit_image(),
before entering spl_invoke_atf().
Signed-off-by: Massimo Pegorer <massimo.pegorer+oss at gmail.com>
---
common/spl/spl_atf.c | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
diff --git a/common/spl/spl_atf.c b/common/spl/spl_atf.c
index 3d022ed4e7..0d8db2d14e 100644
--- a/common/spl/spl_atf.c
+++ b/common/spl/spl_atf.c
@@ -238,17 +238,16 @@ static int spl_fit_images_find(void *blob, int os)
return -FDT_ERR_NOTFOUND;
}
-uintptr_t spl_fit_images_get_entry(void *blob, int node)
+void spl_fit_images_get_entry(void *blob, int node, uintptr_t *entry_p)
{
ulong val;
- int ret;
- ret = fit_image_get_entry(blob, node, &val);
- if (ret)
- ret = fit_image_get_load(blob, node, &val);
+ if (fit_image_get_entry(blob, node, &val))
+ if (fit_image_get_load(blob, node, &val))
+ return;
debug("%s: entry point 0x%lx\n", __func__, val);
- return val;
+ *entry_p = val;
}
void spl_invoke_atf(struct spl_image_info *spl_image)
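Review bot: On the failure path of spl_fit_images_get_entry() the function now returns without writing `*entry_p` and without any diagnostic, so correctness depends on the callers having initialised `bl32_entry` and `bl33_entry` before the two calls in the spl_invoke_atf() hunks; those initialisers lie outside the visible hunks. These values appear to be the entry points taken from the FIT image and passed on when invoking ATF, so a silent fallback to a default should be explicit. Returning a status, e.g. `int spl_fit_images_get_entry(void *blob, int node, uintptr_t *entry_p)` with a non-zero return on failure, would let the caller log or refuse to continue. At minimum, add a comment above the function such as `/* On failure *entry_p is left unchanged; the caller must pre-initialise it. */`. As a style point, the nested unbraced ifs would read more clearly as `if (fit_image_get_entry(blob, node, &val) && fit_image_get_load(blob, node, &val)) return;`.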
@@ -266,7 +265,7 @@ void spl_invoke_atf(struct spl_image_info *spl_image)
*/
node = spl_fit_images_find(blob, IH_OS_TEE);
if (node >= 0)
- bl32_entry = spl_fit_images_get_entry(blob, node);
+ spl_fit_images_get_entry(blob, node, &bl32_entry);
/*
* Find (in /fit-images) the U-Boot binary entry point address
@@ -277,7 +276,7 @@ void spl_invoke_atf(struct spl_image_info *spl_image)
node = spl_fit_images_find(blob, IH_OS_U_BOOT);
if (node >= 0)
- bl33_entry = spl_fit_images_get_entry(blob, node);
+ spl_fit_images_get_entry(blob, node, &bl33_entry);
/*
* If ATF_NO_PLATFORM_PARAM is set, we override the platform
--
2.34.1