plat/st: do not rely on tainted value for dt property length

To compare the "okay" string of a property, strncmp is used but with the length given by fdt_getprop. This len value is reported as tainted by Coverity [1]. We just can use strlen("okay") which is a known value to compare the 2 strings. [1] https://scan4.coverity.com/reports.htm#v51972/p11439/fileInstanceId=96515154&defectInstanceId=14219121&mergedDefectId=342997 Signed-off-by: Yann Gautier <yann.gautier@foss.st.com> Change-Id: Ic8fb6ccf3126a37df615e433eb028861812015da
2021-03-10 14:07:34 +01:00 · 2021-03-10 14:07:34 +01:00 · f714ca80b8
parent 6794378d2e
commit f714ca80b8
1 changed files with 5 additions and 6 deletions
--- a/plat/st/common/stm32mp_dt.c
+++ b/plat/st/common/stm32mp_dt.c
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2017-2020, ARM Limited and Contributors. All rights reserved.
+ * Copyright (c) 2017-2021, ARM Limited and Contributors. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */
@ -72,21 +72,20 @@ bool fdt_check_node(int node)
 uint8_t fdt_get_status(int node)
 {
 	uint8_t status = DT_DISABLED;
-	int len;
 	const char *cchar;

-	cchar = fdt_getprop(fdt, node, "status", &len);
+	cchar = fdt_getprop(fdt, node, "status", NULL);
 	if ((cchar == NULL) ||
-	    (strncmp(cchar, "okay", (size_t)len) == 0)) {
+	    (strncmp(cchar, "okay", strlen("okay")) == 0)) {
 		status |= DT_NON_SECURE;
 	}

-	cchar = fdt_getprop(fdt, node, "secure-status", &len);
+	cchar = fdt_getprop(fdt, node, "secure-status", NULL);
 	if (cchar == NULL) {
 		if (status == DT_NON_SECURE) {
 			status |= DT_SECURE;
 		}
-	} else if (strncmp(cchar, "okay", (size_t)len) == 0) {
+	} else if (strncmp(cchar, "okay", strlen("okay")) == 0) {
 		status |= DT_SECURE;
 	}