[U-Boot] [PATCH v1] tpm: Fix uclass_first_device error handling
uclass_first_device might return NULL for the device despite a zero return code. Currently, this might lead to null pointer dereferencing, since the returned device is not properly checked.
Hence, always check if the device returned from uclass_first_device is NULL and return -ENODEV if it is.
Signed-off-by: Mario Six mario.six@gdsys.cc --- lib/tpm.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/lib/tpm.c b/lib/tpm.c index f428d45..42aea0a 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -245,6 +245,8 @@ static uint32_t tpm_sendrecv_command(const void *command, ret = uclass_first_device(UCLASS_TPM, &dev); if (ret) return ret; + if (!dev) + return -ENODEV; err = tpm_xfer(dev, command, tpm_command_size(command), response, &response_length);
@@ -262,8 +264,10 @@ int tpm_init(void) struct udevice *dev;
err = uclass_first_device(UCLASS_TPM, &dev); - if (err || !dev) + if (err) return err; + if (!dev) + return -ENODEV; return tpm_open(dev); }
-- 2.7.0.GIT
Hi Mario,
On 30 March 2016 at 02:22, Mario Six mario.six@gdsys.cc wrote:
uclass_first_device might return NULL for the device despite a zero return code. Currently, this might lead to null pointer dereferencing, since the returned device is not properly checked.
Hence, always check if the device returned from uclass_first_device is NULL and return -ENODEV if it is.
Signed-off-by: Mario Six mario.six@gdsys.cc
lib/tpm.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
Thanks for the patch. But can you please use uclass_first_device_err()?
Regards, Simon
Hi Simon,
Quoting Simon Glass sjg@chromium.org:
Hi Mario,
On 30 March 2016 at 02:22, Mario Six mario.six@gdsys.cc wrote:
uclass_first_device might return NULL for the device despite a zero return code. Currently, this might lead to null pointer dereferencing, since the returned device is not properly checked.
Hence, always check if the device returned from uclass_first_device is NULL and return -ENODEV if it is.
Signed-off-by: Mario Six mario.six@gdsys.cc
lib/tpm.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-)
Thanks for the patch. But can you please use uclass_first_device_err()?
Regards, Simon
Yes, of course; sorry, I was not aware of uclass_first_device_err. That's a much nicer solution :-)
I'll prepare a v2 shortly.
Best regards,
Mario
uclass_first_device might return NULL for the device despite a zero return code. Currently, this might lead to null pointer dereferencing, since the returned device is not properly checked.
We switch to uclass_first_device_err to make sure that the returned device is valid.
Signed-off-by: Mario Six mario.six@gdsys.cc Cc: Simon Glass sjg@chromium.org ---
v2: - Use uclass_first_device_err instead of explicit null checking
lib/tpm.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/lib/tpm.c b/lib/tpm.c index f428d45..88f2406 100644 --- a/lib/tpm.c +++ b/lib/tpm.c @@ -242,7 +242,7 @@ static uint32_t tpm_sendrecv_command(const void *command, response_length = sizeof(response_buffer); }
- ret = uclass_first_device(UCLASS_TPM, &dev); + ret = uclass_first_device_err(UCLASS_TPM, &dev); if (ret) return ret; err = tpm_xfer(dev, command, tpm_command_size(command), @@ -261,8 +261,8 @@ int tpm_init(void) int err; struct udevice *dev;
- err = uclass_first_device(UCLASS_TPM, &dev); - if (err || !dev) + err = uclass_first_device_err(UCLASS_TPM, &dev); + if (err) return err; return tpm_open(dev); } -- 2.7.0.GIT
On 5 April 2016 at 07:15, Mario Six mario.six@gdsys.cc wrote:
uclass_first_device might return NULL for the device despite a zero return code. Currently, this might lead to null pointer dereferencing, since the returned device is not properly checked.
We switch to uclass_first_device_err to make sure that the returned device is valid.
Signed-off-by: Mario Six mario.six@gdsys.cc Cc: Simon Glass sjg@chromium.org
v2:
- Use uclass_first_device_err instead of explicit null checking
lib/tpm.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-)
Thanks!
Acked-by: Simon Glass sjg@chromium.org
participants (2)
-
Mario Six -
Simon Glass