From nobody Tue May 14 10:06:05 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+111012+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+111012+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1699593759; cv=none; d=zohomail.com; s=zohoarc; b=LkiRY0Vj+69qF7AOF1QRKHDdau3q2XbRao38O1qJQMMxLcgRnZI7N5tov/2/o7ronSQhBYDROd0ff251lS4qFaOodytVgqXVegWhMBzeqwxmcOr+5IC9Ge6qRZeOU1Atn7or5SAYzCPkeRj+bvVC3sCe7RFySkqqDlisZ6YkFwg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1699593759; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=ou0/wToHwNbyb3A609AnDyU6/rMyAhiIKwqLVEnbJV4=; b=Tb7VIDNqQ4R73jAGF8sl4I2VmA6DhWjiqoseNGqAVIRunirrrkmPpd/WVw2fJusqwCXMGqhiivAW8NEiZFoXGrQvvrqzzrpv97ZLtNWWYOfcHNuH6i90nZW7Fa9M4kCXNGdpm0sO2ellJ6stOnX7BRX3H15rkoMyjr0Qk1heOvI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+111012+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1699593759688802.6523920823955; Thu, 9 Nov 2023 21:22:39 -0800 (PST) Return-Path: DKIM-Signature: a=rsa-sha256; bh=vvp8oaFoDQvOrBvteq/NfH2ZioVO3t3M250NUDRor9c=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1699593759; v=1; b=erLEBnAO0KmDNwTA3nrOKJ/Kfwv/pI6VC83ULRJz5i59sQT6IP2kNqp4dZq0ou4FBauLXj4q 53OMMrTqsEwMidRbuUsDFaQX2iZIV4h5i6sAM20wunvkFLPg3Yv0Z6tnOevmDhcOy3IsSrxFPL6 ru+2HnrGy17iG+ITyBSpP7uU= X-Received: by 127.0.0.2 with SMTP id pln0YY1788612xVAWmk2bZLP; Thu, 09 Nov 2023 21:22:39 -0800 X-Received: from mail-pf1-f181.google.com (mail-pf1-f181.google.com [209.85.210.181]) by mx.groups.io with SMTP id smtpd.web11.22095.1699593758820102548 for ; Thu, 09 Nov 2023 21:22:38 -0800 X-Received: by mail-pf1-f181.google.com with SMTP id d2e1a72fcca58-6ba54c3ed97so1718769b3a.2 for ; Thu, 09 Nov 2023 21:22:38 -0800 (PST) X-Gm-Message-State: O6dzCtbITMX9LdA53vpbHgrcx1787277AA= X-Google-Smtp-Source: AGHT+IFdyUbKSfRPmnzBhmVM7Z9wnOIszaCiCUFjZPAfrtrQdjpIlttUaIl70RVBWJY3YZIvOMrDNg== X-Received: by 2002:a05:6a20:8e10:b0:183:c7ea:bb52 with SMTP id y16-20020a056a208e1000b00183c7eabb52mr8274413pzj.30.1699593757959; Thu, 09 Nov 2023 21:22:37 -0800 (PST) X-Received: from user-Latitude-5420.. ([2401:4900:1f24:28fe:9291:5de9:ca67:1893]) by smtp.gmail.com with ESMTPSA id a13-20020a170902b58d00b001c9db5e2929sm4467064pls.93.2023.11.09.21.22.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 09 Nov 2023 21:22:37 -0800 (PST) From: "Ranbir Singh" To: devel@edk2.groups.io, rsingh@ventanamicro.com Cc: Ray Ni , Veeresh Sangolli Subject: [edk2-devel] [PATCH v3 1/2] MdeModulePkg/Bus/Pci/XhciDxe: Fix FORWARD_NULL Coverity issues Date: Fri, 10 Nov 2023 10:52:30 +0530 Message-Id: <20231110052231.447797-2-rsingh@ventanamicro.com> In-Reply-To: <20231110052231.447797-1-rsingh@ventanamicro.com> References: <20231110052231.447797-1-rsingh@ventanamicro.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,rsingh@ventanamicro.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1699593760674100005 Content-Type: text/plain; charset="utf-8" From: Ranbir Singh The functions UsbHcGetHostAddrForPciAddr, UsbHcGetPciAddrForHostAddr and UsbHcFreeMem do have ASSERT ((Block !=3D NULL)); statements after for loop, but these are applicable only in DEBUG mode. In RELEASE mode, if for whatever reasons there is no match inside for loop and the loop exits because of Block !=3D NULL; condition, then there is no "Block" NULL pointer check afterwards and the code proceeds to do dereferencing "Block" which will lead to CRASH. Hence, for safety add NULL pointer checks always. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4221 Cc: Ray Ni Co-authored-by: Veeresh Sangolli Signed-off-by: Ranbir Singh Signed-off-by: Ranbir Singh Reviewed-by: Laszlo Ersek --- MdeModulePkg/Bus/Pci/XhciDxe/UsbHcMem.c | 29 ++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/MdeModulePkg/Bus/Pci/XhciDxe/UsbHcMem.c b/MdeModulePkg/Bus/Pci= /XhciDxe/UsbHcMem.c index b54187ec228e..597cbe4646e8 100644 --- a/MdeModulePkg/Bus/Pci/XhciDxe/UsbHcMem.c +++ b/MdeModulePkg/Bus/Pci/XhciDxe/UsbHcMem.c @@ -267,6 +267,16 @@ UsbHcGetPciAddrForHostAddr ( } =20 ASSERT ((Block !=3D NULL)); + + if (Block =3D=3D NULL) { + // + // Should never be here + // + DEBUG ((DEBUG_ERROR, "UsbHcGetPciAddrForHostAddr: Invalid host memory = pointer passed\n")); + CpuDeadLoop (); + return 0; + } + // // calculate the pci memory address for host memory address. // @@ -322,6 +332,16 @@ UsbHcGetHostAddrForPciAddr ( } =20 ASSERT ((Block !=3D NULL)); + + if (Block =3D=3D NULL) { + // + // Should never be here + // + DEBUG ((DEBUG_ERROR, "UsbHcGetHostAddrForPciAddr: Invalid pci memory p= ointer passed\n")); + CpuDeadLoop (); + return 0; + } + // // calculate the pci memory address for host memory address. // @@ -603,6 +623,15 @@ UsbHcFreeMem ( // ASSERT (Block !=3D NULL); =20 + if (Block =3D=3D NULL) { + // + // Should never be here + // + DEBUG ((DEBUG_ERROR, "UsbHcFreeMem: Invalid memory pointer passed\n")); + CpuDeadLoop (); + return; + } + // // Release the current memory block if it is empty and not the head // --=20 2.34.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#111012): https://edk2.groups.io/g/devel/message/111012 Mute This Topic: https://groups.io/mt/102502055/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Tue May 14 10:06:05 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+111013+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+111013+1787277+3901457@groups.io ARC-Seal: i=1; a=rsa-sha256; t=1699593761; cv=none; d=zohomail.com; s=zohoarc; b=Twgssfs9iwlVKm7I2hI+9ldQoGP4qkeJPzuke+5wuFh0I7XBS8nFp1NiszlYa7KJrnbazbPifv3csNhBhsq+onc9tcBDZy21Wftpxt18N9DjiC3IWj11AwYa42gWihM9xKG6yaYCRKk4hSGHPZ+2IDb7yqHYNsBBR4KyR6UQx1o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1699593761; h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Reply-To:References:Sender:Subject:Subject:To:To:Message-Id; bh=DarVAECbMaFxSRrTa3psRa18TvF3hjD9N0ZbsE8CeWk=; b=hDA47QUBlglPUknv4SjFX0xCWlhF6/XGpI/yvj9AGB4k+vpZEV2Ot+Ixz44JAqEePQR6jXJRZQdyCqYg0fWPYSxNt6iFm96l3RKcAbSOMhzHszhGepmCicuvdmUheqBlAI2yqo5bF4ztsrbr8Bv/v4sCK0MQ3e45F0CXzPu+gyw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+111013+1787277+3901457@groups.io Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1699593761384527.9124419968077; Thu, 9 Nov 2023 21:22:41 -0800 (PST) Return-Path: DKIM-Signature: a=rsa-sha256; bh=AjPrP71vLTmDm7LKApKh6SIDbhBRGlS0CTzMO/VfpdQ=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1699593761; v=1; b=uLZ2DL3URbRiKZJV+k06NxnV0Ksv8s8cP5yWvML7ocIfh7JxOUSLZPi7JGzAyewE5XDXjoQq 3SXJGL+yRjUtvwqnOA14mZi5NeMpJDlXURh7LEtSBmwvPhly+Xh6nauZb3KAcv0ovdEbyacIcOM DrnHmLK9NRfC3ODPL/hQXGLE= X-Received: by 127.0.0.2 with SMTP id OfjnYY1788612xFAxXIxqn3r; Thu, 09 Nov 2023 21:22:41 -0800 X-Received: from mail-pl1-f171.google.com (mail-pl1-f171.google.com [209.85.214.171]) by mx.groups.io with SMTP id smtpd.web10.21870.1699593760529075169 for ; Thu, 09 Nov 2023 21:22:40 -0800 X-Received: by mail-pl1-f171.google.com with SMTP id d9443c01a7336-1cc9b626a96so13827495ad.2 for ; Thu, 09 Nov 2023 21:22:40 -0800 (PST) X-Gm-Message-State: ZTpdMn5wxDmPfqT93BRGgE7Nx1787277AA= X-Google-Smtp-Source: AGHT+IHjkfUmrfw+eaEdIlcaVXhq9T2bMEENimaS2xsSyCJ9u8tfDNYhHFYnuGFyrZSxnZmv5lk1sA== X-Received: by 2002:a17:902:f64e:b0:1cc:3932:4a95 with SMTP id m14-20020a170902f64e00b001cc39324a95mr9005868plg.62.1699593759862; Thu, 09 Nov 2023 21:22:39 -0800 (PST) X-Received: from user-Latitude-5420.. ([2401:4900:1f24:28fe:9291:5de9:ca67:1893]) by smtp.gmail.com with ESMTPSA id a13-20020a170902b58d00b001c9db5e2929sm4467064pls.93.2023.11.09.21.22.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 09 Nov 2023 21:22:39 -0800 (PST) From: "Ranbir Singh" To: devel@edk2.groups.io, rsingh@ventanamicro.com Cc: Ray Ni Subject: [edk2-devel] [PATCH v3 2/2] MdeModulePkg/Bus/Pci/XhciDxe: Fix MISSING_BREAK Coverity issues Date: Fri, 10 Nov 2023 10:52:31 +0530 Message-Id: <20231110052231.447797-3-rsingh@ventanamicro.com> In-Reply-To: <20231110052231.447797-1-rsingh@ventanamicro.com> References: <20231110052231.447797-1-rsingh@ventanamicro.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,rsingh@ventanamicro.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1699593762621100009 Content-Type: text/plain; charset="utf-8" From: Ranbir Singh The functions XhcInitializeEndpointContext and XhcInitializeEndpointContext64 has a switch-case code in which the case USB_ENDPOINT_CONTROL: falls through to default: While this may be intentional, it may not be evident to any general code reader/developer or static analyis tool why there is no break in between. Merge the USB_ENDPOINT_CONTROL and default using conditional debug print. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4221 Cc: Ray Ni Signed-off-by: Ranbir Singh Reviewed-by: Laszlo Ersek --- MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c | 33 +++++++++++--------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c b/MdeModulePkg/Bus/Pc= i/XhciDxe/XhciSched.c index 05528a478baf..00b3a13a95bb 100644 --- a/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c +++ b/MdeModulePkg/Bus/Pci/XhciDxe/XhciSched.c @@ -2825,6 +2825,7 @@ XhcInitializeEndpointContext ( UINTN NumEp; UINTN EpIndex; UINT8 EpAddr; + UINT8 EpType; UINT8 Direction; UINT8 Dci; UINT8 MaxDci; @@ -2871,7 +2872,8 @@ XhcInitializeEndpointContext ( InputContext->EP[Dci-1].MaxBurstSize =3D 0x0; } =20 - switch (EpDesc->Attributes & USB_ENDPOINT_TYPE_MASK) { + EpType =3D EpDesc->Attributes & USB_ENDPOINT_TYPE_MASK; + switch (EpType) { case USB_ENDPOINT_BULK: if (Direction =3D=3D EfiUsbDataIn) { InputContext->EP[Dci-1].CErr =3D 3; @@ -2974,13 +2976,13 @@ XhcInitializeEndpointContext ( =20 break; =20 - case USB_ENDPOINT_CONTROL: - // - // Do not support control transfer now. - // - DEBUG ((DEBUG_INFO, "XhcInitializeEndpointContext: Unsupport Contr= ol EP found, Transfer ring is not allocated.\n")); default: - DEBUG ((DEBUG_INFO, "XhcInitializeEndpointContext: Unknown EP foun= d, Transfer ring is not allocated.\n")); + DEBUG (( + DEBUG_INFO, + "%a: %a found, Transfer ring is not allocated.\n", + __func__, + (EpType =3D=3D USB_ENDPOINT_CONTROL ? "Unsupported Control EP" := "Unknown EP") + )); EpDesc =3D (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Len= gth); continue; } @@ -3028,6 +3030,7 @@ XhcInitializeEndpointContext64 ( UINTN NumEp; UINTN EpIndex; UINT8 EpAddr; + UINT8 EpType; UINT8 Direction; UINT8 Dci; UINT8 MaxDci; @@ -3074,7 +3077,8 @@ XhcInitializeEndpointContext64 ( InputContext->EP[Dci-1].MaxBurstSize =3D 0x0; } =20 - switch (EpDesc->Attributes & USB_ENDPOINT_TYPE_MASK) { + EpType =3D EpDesc->Attributes & USB_ENDPOINT_TYPE_MASK; + switch (EpType) { case USB_ENDPOINT_BULK: if (Direction =3D=3D EfiUsbDataIn) { InputContext->EP[Dci-1].CErr =3D 3; @@ -3177,13 +3181,14 @@ XhcInitializeEndpointContext64 ( =20 break; =20 - case USB_ENDPOINT_CONTROL: - // - // Do not support control transfer now. - // - DEBUG ((DEBUG_INFO, "XhcInitializeEndpointContext64: Unsupport Con= trol EP found, Transfer ring is not allocated.\n")); default: - DEBUG ((DEBUG_INFO, "XhcInitializeEndpointContext64: Unknown EP fo= und, Transfer ring is not allocated.\n")); + DEBUG (( + DEBUG_INFO, + "%a: %a found, Transfer ring is not allocated.\n", + __func__, + ((EpType =3D=3D USB_ENDPOINT_CONTROL) ? "Unsupported Control EP"= : "Unknown EP") + )); + EpDesc =3D (USB_ENDPOINT_DESCRIPTOR *)((UINTN)EpDesc + EpDesc->Len= gth); continue; } --=20 2.34.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#111013): https://edk2.groups.io/g/devel/message/111013 Mute This Topic: https://groups.io/mt/102502056/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-