diff options
| author | Jacob Garber <jgarber1@ualberta.ca> | 2019-05-21 13:41:50 -0600 |
|---|---|---|
| committer | Patrick Georgi <pgeorgi@google.com> | 2019-05-23 09:01:42 +0000 |
| commit | b4222a65adcbacdb056fea88abd300c897eabfc2 (patch) | |
| tree | ae88b2ccea338df7fb997efb63164d619b1616b8 /util/romcc | |
| parent | 55fffa29c236f054c6b40fb971f7974f2dbd705d (diff) | |
| download | coreboot-b4222a65adcbacdb056fea88abd300c897eabfc2.tar.gz coreboot-b4222a65adcbacdb056fea88abd300c897eabfc2.tar.bz2 coreboot-b4222a65adcbacdb056fea88abd300c897eabfc2.zip | |
util/romcc: Add extra NULL checks for member
In each of these cases it is possible that 'member' is NULL at the
beginning, which will skip the earlier while loops entirely and cause
a NULL dereference later on. Add extra error checks to prevent this.
Change-Id: Ib5873c0830b71397ef661976d387fc6ce33c5cd1
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Found-by: Coverity CID 1129147, 1129152, 1129153, 1129154
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32916
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Diffstat (limited to 'util/romcc')
| -rw-r--r-- | util/romcc/romcc.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/util/romcc/romcc.c b/util/romcc/romcc.c index 329cfd2433a0..571a29f94b59 100644 --- a/util/romcc/romcc.c +++ b/util/romcc/romcc.c @@ -6228,6 +6228,8 @@ static size_t field_offset(struct compile_state *state, size += size_of(state, member->left); member = member->right; } + if (member == NULL) + internal_error(state, 0, "Member is NULL"); size += needed_padding(state, member, size); } else if ((type->type & TYPE_MASK) == TYPE_UNION) { @@ -6350,10 +6352,12 @@ static size_t index_offset(struct compile_state *state, i++; member = member->right; } - size += needed_padding(state, member, size); + if (member == NULL) + internal_error(state, 0, "Member is NULL"); if (i != index) { internal_error(state, 0, "Missing member index: %u", index); } + size += needed_padding(state, member, size); } else if ((type->type & TYPE_MASK) == TYPE_JOIN) { ulong_t i; @@ -6402,6 +6406,8 @@ static size_t index_reg_offset(struct compile_state *state, i++; member = member->right; } + if (member == NULL) + internal_error(state, 0, "Member is NULL"); if (i != index) { internal_error(state, 0, "Missing member index: %u", index); } @@ -6640,6 +6646,8 @@ static struct type *reg_type( offset += size; member = member->right; } + if (member == NULL) + internal_error(state, 0, "Member is NULL"); offset += reg_needed_padding(state, member, offset); member = reg_type(state, member, reg_offset - offset); break; |