hw/tpm/tpm_tis_common.c: Assert that locty is in range
In tpm_tis_mmio_read(), tpm_tis_mmio_write() and tpm_tis_dump_state(), we calculate a locality index with tpm_tis_locality_from_addr() and then use it as an index into the s->loc[] array. In all these cases, the array index can't overflow because the MemoryRegion is sized to be TPM_TIS_NUM_LOCALITIES << TPM_TIS_LOCALITY_SHIFT bytes. However, Coverity can't see that, and it complains (CID 1487138, 1487180, 1487188, 1487198, 1487240). Add an assertion to tpm_tis_locality_from_addr() that the calculated locality index is valid, which will help Coverity and also catch any potential future bug where the MemoryRegion isn't sized exactly. Signed-off-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-id: 20220525125904.483075-1-stefanb@linux.ibm.com
This commit is contained in:
parent
7077fcb9b6
commit
4d84bb6c8b
@ -50,7 +50,12 @@ static uint64_t tpm_tis_mmio_read(void *opaque, hwaddr addr,
|
||||
|
||||
static uint8_t tpm_tis_locality_from_addr(hwaddr addr)
|
||||
{
|
||||
return (uint8_t)((addr >> TPM_TIS_LOCALITY_SHIFT) & 0x7);
|
||||
uint8_t locty;
|
||||
|
||||
locty = (uint8_t)((addr >> TPM_TIS_LOCALITY_SHIFT) & 0x7);
|
||||
assert(TPM_TIS_IS_VALID_LOCTY(locty));
|
||||
|
||||
return locty;
|
||||
}
|
||||
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user