aspeed/smc: Fix possible integer overflow

[PATCH] aspeed/smc: Fix possible integer overflow

Posted by Cédric Le Goater 4 months, 2 weeks ago

Coverity reports a possible integer overflow because routine
aspeeed_smc_hclk_divisor() has a codepath returning 0, which could
lead to an integer overflow when computing variable 'hclk_shift' in
the caller aspeed_smc_dma_calibration().

The value passed to aspeed_smc_hclk_divisor() is always between 0 and
15 and, in this case, there is always a matching hclk divisor. Remove
the return 0 and use g_assert_not_reached() instead.

Fixes: Coverity CID 1547822
Suggested-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Cédric Le Goater <clg@redhat.com>
---
 hw/ssi/aspeed_smc.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/hw/ssi/aspeed_smc.c b/hw/ssi/aspeed_smc.c
index b79815c2b8aa..7fd63669c10e 100644
--- a/hw/ssi/aspeed_smc.c
+++ b/hw/ssi/aspeed_smc.c
@@ -842,8 +842,7 @@ static uint8_t aspeed_smc_hclk_divisor(uint8_t hclk_mask)
         }
     }
 
-    aspeed_smc_error("invalid HCLK mask %x", hclk_mask);
-    return 0;
+    g_assert_not_reached();
 }
 
 /*
-- 
2.45.2

Re: [PATCH] aspeed/smc: Fix possible integer overflow

Posted by Cédric Le Goater 4 months, 1 week ago

On 7/12/24 18:36, Cédric Le Goater wrote:
> Coverity reports a possible integer overflow because routine
> aspeeed_smc_hclk_divisor() has a codepath returning 0, which could
> lead to an integer overflow when computing variable 'hclk_shift' in
> the caller aspeed_smc_dma_calibration().
> 
> The value passed to aspeed_smc_hclk_divisor() is always between 0 and
> 15 and, in this case, there is always a matching hclk divisor. Remove
> the return 0 and use g_assert_not_reached() instead.
> 
> Fixes: Coverity CID 1547822
> Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> Signed-off-by: Cédric Le Goater <clg@redhat.com>
> ---
>   hw/ssi/aspeed_smc.c | 3 +--
>   1 file changed, 1 insertion(+), 2 deletions(-)
> 
> diff --git a/hw/ssi/aspeed_smc.c b/hw/ssi/aspeed_smc.c
> index b79815c2b8aa..7fd63669c10e 100644
> --- a/hw/ssi/aspeed_smc.c
> +++ b/hw/ssi/aspeed_smc.c
> @@ -842,8 +842,7 @@ static uint8_t aspeed_smc_hclk_divisor(uint8_t hclk_mask)
>           }
>       }
>   
> -    aspeed_smc_error("invalid HCLK mask %x", hclk_mask);
> -    return 0;
> +    g_assert_not_reached();
>   }
>   
>   /*


Applied to aspeed-next.

Thanks,

C.

Re: [PATCH] aspeed/smc: Fix possible integer overflow

Posted by Peter Maydell 4 months, 2 weeks ago

On Fri, 12 Jul 2024 at 17:36, Cédric Le Goater <clg@redhat.com> wrote:
>
> Coverity reports a possible integer overflow because routine
> aspeeed_smc_hclk_divisor() has a codepath returning 0, which could
> lead to an integer overflow when computing variable 'hclk_shift' in
> the caller aspeed_smc_dma_calibration().
>
> The value passed to aspeed_smc_hclk_divisor() is always between 0 and
> 15 and, in this case, there is always a matching hclk divisor. Remove
> the return 0 and use g_assert_not_reached() instead.
>
> Fixes: Coverity CID 1547822
> Suggested-by: Peter Maydell <peter.maydell@linaro.org>
> Signed-off-by: Cédric Le Goater <clg@redhat.com>
> ---
>  hw/ssi/aspeed_smc.c | 3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/hw/ssi/aspeed_smc.c b/hw/ssi/aspeed_smc.c
> index b79815c2b8aa..7fd63669c10e 100644
> --- a/hw/ssi/aspeed_smc.c
> +++ b/hw/ssi/aspeed_smc.c
> @@ -842,8 +842,7 @@ static uint8_t aspeed_smc_hclk_divisor(uint8_t hclk_mask)
>          }
>      }
>
> -    aspeed_smc_error("invalid HCLK mask %x", hclk_mask);
> -    return 0;
> +    g_assert_not_reached();
>  }
>

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>

thanks
-- PMM