| Age | Commit message | Author |
|
report of the static analyzer:
Possible integer overflow: right operand is tainted.
An integer overflow may occur due to arithmetic operation (addition)
between variable 'block' and value { [1, 4294967295] } of 'nblocks[i]',
when 'block' is equal to '1'
Correction explained:
Added bounds check before incrementing block counter to ensure that
adding nblocks[i] does not exceed totblocks. This prevents potential
integer overflow when user-specified partition sizes are too large,
which could lead to incorrect partition table layout and device corruption.
The validation ensures safe arithmetic by checking block + nblocks[i] <= totblocks
using unsigned comparison.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
calculation
report of the static analyzer:
Possible integer underflow: right operand is tainted.
An integer underflow may occur due to arithmetic
operation (unsigned subtraction) between
variables 'totblocks' and 'block', where 'totblocks'
is in range { [0, 4294967295] }, and 'block' is tainted { [0, 4294967295] }
Correction explained:
Added validation check before calculating remaining
space for partition. The issue occurred when setting
the last partition size to 0, which triggers calculation
'totblocks - block'. Without validation, if block >= totblocks,
this would result in integer underflow due to unsigned
arithmetic, potentially creating a partition with enormous
size and leading to device corruption.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Technically it is initialized in the for loop right before being
used. From the conditional above, we know that the for loop is
executed at least once and the variable is always initialized, but
gcc doesn't appear to perform the same reasoning.
This patch adds an initialization of the variable for the sake of
making the compiler happy.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This patch eliminates warnings generated by the -Wmissing-prototypes
option. With this flag set, we are now forced to have prototypes for
all global, exported functions, that have to be made visible to the
definitions and we are forced to mark all local functions as static.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Several tools are simply not checking return code of functions marked
with 'warn_unused_result'.
Provide wrappers for the read/write functions to avoid patching old
code and providing proper error handling.
Fix the remaining ones (calls to fgets() and system()).
Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com>
|
|
* There is no code modification in this commit, only moving
* the files to proper place.
The user tools look a little messy as we place almost
all the tools in the root directory of mtd-utils. To make
it more clear, I propose to introduce the following structure
for our source code.
mtd-utils/
|-- lib
|-- include
|-- misc-utils
|-- jffsX-utils
|-- nand-utils
|-- nor-utils
|-- ubi-utils
|-- ubifs-utils
`-- tests
Signed-off-by: Dongsheng Yang <yangds.fnst@cn.fujitsu.com>
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
|