summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAnastasia Klimchuk <aklm@chromium.org>2021-05-31 09:42:36 +1000
committerNico Huber <nico.h@gmx.de>2021-06-08 14:56:00 +0000
commit4332e7c04ec460472ed18792638f67cc44e6054c (patch)
tree16dc41e833936d4142bdc3602c31ae609178ab61
parent72af02b60fcedece3191316408b99da90ee96509 (diff)
downloadflashrom-4332e7c04ec460472ed18792638f67cc44e6054c.tar.gz
flashrom-4332e7c04ec460472ed18792638f67cc44e6054c.tar.bz2
flashrom-4332e7c04ec460472ed18792638f67cc44e6054c.zip
dummyflasher.c: Fix data leak in params processing error paths
This patch extracts params processing into a separate function. Now all error paths of params processing return 1 back to init function which frees data. And there was just one more error path in init function where free(data) needed to be added. This is a follow up on commit 3b8fe0f8e907c0ba9f7c7935e950f3e1538d427f which moves global state into spi_master data. A good side-effect of the change is: init function becomes easier to read. BUG=b:185191942 TEST=ninja test Change-Id: I04f55f77bb4703f1d88b2191c45a22be3c97bf87 Signed-off-by: Anastasia Klimchuk <aklm@chromium.org> Reviewed-on: https://review.coreboot.org/c/flashrom/+/54748 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Nico Huber <nico.h@gmx.de>
-rw-r--r--dummyflasher.c78
1 files changed, 51 insertions, 27 deletions
diff --git a/dummyflasher.c b/dummyflasher.c
index dcf97b5c8..e2f38f54d 100644
--- a/dummyflasher.c
+++ b/dummyflasher.c
@@ -643,30 +643,17 @@ static int dummy_shutdown(void *data)
return 0;
}
-int dummy_init(void)
+static int init_data(struct emu_data *data, enum chipbustype *dummy_buses_supported)
{
+
char *bustext = NULL;
char *tmp = NULL;
unsigned int i;
+ char *endptr;
#if EMULATE_SPI_CHIP
char *status = NULL;
int size = -1; /* size for VARIABLE_SIZE chip device */
#endif
-#if EMULATE_CHIP
- struct stat image_stat;
-#endif
- char *endptr;
-
- struct emu_data *data = calloc(1, sizeof(struct emu_data));
- if (!data) {
- msg_perr("Out of memory!\n");
- return 1;
- }
- data->emu_chip = EMULATE_NONE;
- data->delay_us = 0;
- data->spi_write_256_chunksize = 256;
-
- msg_pspew("%s\n", __func__);
bustext = extract_programmer_param("bus");
msg_pdbg("Requested buses are: %s\n", bustext ? bustext : "default");
@@ -675,24 +662,24 @@ int dummy_init(void)
/* Convert the parameters to lowercase. */
tolower_string(bustext);
- enum chipbustype dummy_buses_supported = BUS_NONE;
+ *dummy_buses_supported = BUS_NONE;
if (strstr(bustext, "parallel")) {
- dummy_buses_supported |= BUS_PARALLEL;
+ *dummy_buses_supported |= BUS_PARALLEL;
msg_pdbg("Enabling support for %s flash.\n", "parallel");
}
if (strstr(bustext, "lpc")) {
- dummy_buses_supported |= BUS_LPC;
+ *dummy_buses_supported |= BUS_LPC;
msg_pdbg("Enabling support for %s flash.\n", "LPC");
}
if (strstr(bustext, "fwh")) {
- dummy_buses_supported |= BUS_FWH;
+ *dummy_buses_supported |= BUS_FWH;
msg_pdbg("Enabling support for %s flash.\n", "FWH");
}
if (strstr(bustext, "spi")) {
- dummy_buses_supported |= BUS_SPI;
+ *dummy_buses_supported |= BUS_SPI;
msg_pdbg("Enabling support for %s flash.\n", "SPI");
}
- if (dummy_buses_supported == BUS_NONE)
+ if (*dummy_buses_supported == BUS_NONE)
msg_pdbg("Support for all flash bus types disabled.\n");
free(bustext);
@@ -838,14 +825,15 @@ int dummy_init(void)
}
free(tmp);
}
-#endif
+#endif /* EMULATE_SPI_CHIP */
tmp = extract_programmer_param("emulate");
if (!tmp) {
msg_pdbg("Not emulating any flash chip.\n");
/* Nothing else to do. */
- goto dummy_init_out;
+ return 0;
}
+
#if EMULATE_SPI_CHIP
if (!strcmp(tmp, "M25P10.RES")) {
data->emu_chip = EMULATE_ST_M25P10_RES;
@@ -933,7 +921,7 @@ int dummy_init(void)
msg_pdbg("Emulating generic SPI flash chip (size=%d bytes)\n",
data->emu_chip_size);
}
-#endif
+#endif /* EMULATE_SPI_CHIP */
if (data->emu_chip == EMULATE_NONE) {
msg_perr("Invalid chip specified for emulation: %s\n", tmp);
free(tmp);
@@ -972,7 +960,7 @@ int dummy_init(void)
msg_pdbg("Initial status register is set to 0x%02x.\n",
data->emu_status);
}
-#endif
+#endif /* EMULATE_SPI_CHIP */
data->flashchip_contents = malloc(data->emu_chip_size);
if (!data->flashchip_contents) {
@@ -980,6 +968,41 @@ int dummy_init(void)
return 1;
}
+#endif /* EMULATE_CHIP */
+
+ return 0;
+}
+
+int dummy_init(void)
+{
+#if EMULATE_CHIP
+ struct stat image_stat;
+#endif
+
+ struct emu_data *data = calloc(1, sizeof(struct emu_data));
+ if (!data) {
+ msg_perr("Out of memory!\n");
+ return 1;
+ }
+ data->emu_chip = EMULATE_NONE;
+ data->delay_us = 0;
+ data->spi_write_256_chunksize = 256;
+
+ msg_pspew("%s\n", __func__);
+
+ enum chipbustype dummy_buses_supported;
+ if (init_data(data, &dummy_buses_supported)) {
+ free(data);
+ return 1;
+ }
+
+#if EMULATE_CHIP
+ if (data->emu_chip == EMULATE_NONE) {
+ msg_pdbg("Not emulating any flash chip.\n");
+ /* Nothing else to do. */
+ goto dummy_init_out;
+ }
+
msg_pdbg("Filling fake flash chip with 0x%02x, size %i\n",
data->erase_to_zero ? 0x00 : 0xff, data->emu_chip_size);
memset(data->flashchip_contents, data->erase_to_zero ? 0x00 : 0xff, data->emu_chip_size);
@@ -1003,13 +1026,14 @@ int dummy_init(void)
msg_perr("Unable to read %s\n", data->emu_persistent_image);
free(data->emu_persistent_image);
free(data->flashchip_contents);
+ free(data);
return 1;
}
} else {
msg_pdbg("doesn't match.\n");
}
}
-#endif
+#endif /* EMULATE_CHIP */
dummy_init_out:
if (register_shutdown(dummy_shutdown, data)) {