From f714ca80b8e3dc4e953b8728fc7b9457094b2a12 Mon Sep 17 00:00:00 2001 From: Yann Gautier Date: Wed, 10 Mar 2021 14:07:34 +0100 Subject: [PATCH] plat/st: do not rely on tainted value for dt property length To compare the "okay" string of a property, strncmp is used but with the length given by fdt_getprop. This len value is reported as tainted by Coverity [1]. We just can use strlen("okay") which is a known value to compare the 2 strings. [1] https://scan4.coverity.com/reports.htm#v51972/p11439/fileInstanceId=96515154&defectInstanceId=14219121&mergedDefectId=342997 Signed-off-by: Yann Gautier Change-Id: Ic8fb6ccf3126a37df615e433eb028861812015da --- plat/st/common/stm32mp_dt.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/plat/st/common/stm32mp_dt.c b/plat/st/common/stm32mp_dt.c index 391e5f054..4f130ce20 100644 --- a/plat/st/common/stm32mp_dt.c +++ b/plat/st/common/stm32mp_dt.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved. + * Copyright (c) 2017-2021, ARM Limited and Contributors. All rights reserved. * * SPDX-License-Identifier: BSD-3-Clause */ @@ -72,21 +72,20 @@ bool fdt_check_node(int node) uint8_t fdt_get_status(int node) { uint8_t status = DT_DISABLED; - int len; const char *cchar; - cchar = fdt_getprop(fdt, node, "status", &len); + cchar = fdt_getprop(fdt, node, "status", NULL); if ((cchar == NULL) || - (strncmp(cchar, "okay", (size_t)len) == 0)) { + (strncmp(cchar, "okay", strlen("okay")) == 0)) { status |= DT_NON_SECURE; } - cchar = fdt_getprop(fdt, node, "secure-status", &len); + cchar = fdt_getprop(fdt, node, "secure-status", NULL); if (cchar == NULL) { if (status == DT_NON_SECURE) { status |= DT_SECURE; } - } else if (strncmp(cchar, "okay", (size_t)len) == 0) { + } else if (strncmp(cchar, "okay", strlen("okay")) == 0) { status |= DT_SECURE; }