ich_descriptors.c: Ensure unsigned types >=0 on to prevent underflow
Unsigned types show undefined behaviour if they are subtracted by a
value greater than their own (mostly it wraps to the max value). Using
this value for left shifting could be even more dangerous.
flashrom-stable:
The actual issue here was that a static-analyzer didn't realize that
the second loop would only run, if ever, with `j >= 12`. So we made
that explicit.
Change-Id: I5921cc571f3dca5188ca1973dba6ececbcbe2f39
Signed-off-by: Aarya Chaumal <aarya.chaumal@gmail.com>
Original-Reviewed-on: https://review.coreboot.org/c/flashrom/+/62764
Original-Reviewed-by: Anastasia Klimchuk <aklm@chromium.org>
Reviewed-on: https://review.coreboot.org/c/flashrom-stable/+/71451
Reviewed-by: Nico Huber <nico.h@gmx.de>
Reviewed-by: Angel Pons <th3fanbus@gmail.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
diff --git a/ich_descriptors.c b/ich_descriptors.c
index 081481d..fb050c2 100644
--- a/ich_descriptors.c
+++ b/ich_descriptors.c
@@ -484,16 +484,17 @@
msg_pdbg2(" RegA RegB RegC RegD RegE RegF\n");
}
for (i = 0; i < nm; i++) {
+ const unsigned int ext_region_start = 12;
size_t j;
msg_pdbg2("%-4s", master_names[i]);
- for (j = 0; j < (size_t)min(num_regions, 12); j++)
+ for (j = 0; j < (size_t)min(num_regions, ext_region_start); j++)
msg_pdbg2(" %c%c ",
desc->master.mstr[i].read & (1 << j) ? 'r' : ' ',
desc->master.mstr[i].write & (1 << j) ? 'w' : ' ');
- for (; j < num_regions; j++)
+ for (j = ext_region_start; j < num_regions; j++)
msg_pdbg2(" %c%c ",
- desc->master.mstr[i].ext_read & (1 << (j - 12)) ? 'r' : ' ',
- desc->master.mstr[i].ext_write & (1 << (j - 12)) ? 'w' : ' ');
+ desc->master.mstr[i].ext_read & (1 << (j - ext_region_start)) ? 'r' : ' ',
+ desc->master.mstr[i].ext_write & (1 << (j - ext_region_start)) ? 'w' : ' ');
msg_pdbg2("\n");
}
} else if (cs == CHIPSET_C620_SERIES_LEWISBURG) {