From patchwork Mon Jul 31 08:53:02 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Masahisa Kojima <masahisa.kojima@linaro.org>
X-Patchwork-Id: 708406
Delivered-To: patch@linaro.org
Received: by 2002:a5d:6787:0:b0:317:2194:b2bc with SMTP id v7csp2186283wru;
 Mon, 31 Jul 2023 01:53:49 -0700 (PDT)
X-Google-Smtp-Source: APBJJlEZ/O7Ngj1Gu5JHvIM/lfkjJXy4Z4eb7uFd1XdGWG2m5Kmghmyw3gdOuCQW4Ncyqbc9jcZ9
X-Received: by 2002:adf:ee89:0:b0:317:6263:1ae2 with SMTP id
 b9-20020adfee89000000b0031762631ae2mr8009759wro.63.1690793629093;
 Mon, 31 Jul 2023 01:53:49 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1690793629; cv=none;
 d=google.com; s=arc-20160816;
 b=inEbrDXqj85MfEgXbQUmj1wpQ8ir+BtLiZ8IQgJb9gswZof+5AT7cg/jvbjqVds0jo
 iiExBh1KVBpnHHjEYiHxObC2vn2wW9sOtHtR4WlF7/we+zODM8G8w/5Q2HBtqNYwyS8w
 xgklykwSUAuec+RtOKADaLDxGEiQUbTTmu1/RO1W8cxBFu/BLUg9KJEMzm0Hhg1QDz7L
 MJgOR0TD4pz4DNWo3ydlpvxDNvyhgVyL8P4wnF+yzaurnfiysanno5GvGwTmcj06y05L
 2PPZB/GK9egHX/lGrbZTmbC7vbEg2abwteWG307xcru0pchoCxk6lszt9Ka5y5qjU3jg
 i6cQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:content-transfer-encoding
 :mime-version:message-id:date:subject:cc:to:from:dkim-signature;
 bh=mPo+KPk+kKEnIL+vJbVNou2m5DZN5rPFcBMbtZG+yEE=;
 fh=O7wtl66COtw3HMxcvS1BLdMNq1G6ijAidVPJCL9dfKk=;
 b=uoOmQy5VWw5jSlqC4PESbEDFZ0mw85Ciq7yBf54wx0mPnvQbyNRRRlFf3FwBSMPiQO
 rGp3P3o+n3JXkqk0p/QrmdF4CfzmvD5DSY7s495DNrnaNkKPyW3CND5lUGzJ40cpUvnP
 I0fLzHNsEJmAbGVwp8VG16uthniclrlqGBDekDvXprXqSdYcptj01mIV3xzndBObOBqI
 nM23Ww3+zLS8IOZjkxF7TrVPjj1P3R3BaiK0pkVNFoWeeObBs7msupQLuXDbhSkOwYGX
 OY6qhP5hmMiinJx7IGDVQwei8pkDANUmyKy4SIlsEHfK2Yp6IZ/nTSShBgST1C6NEZK3
 er6Q==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=BU6YE7Jw;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender)
 smtp.mailfrom=u-boot-bounces@lists.denx.de;
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <u-boot-bounces@lists.denx.de>
Received: from phobos.denx.de (phobos.denx.de.
 [2a01:238:438b:c500:173d:9f52:ddab:ee01])
 by mx.google.com with ESMTPS id
 x10-20020adff64a000000b0031441e81076si4300596wrp.354.2023.07.31.01.53.48
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 31 Jul 2023 01:53:49 -0700 (PDT)
Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender)
 client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=BU6YE7Jw;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender)
 smtp.mailfrom=u-boot-bounces@lists.denx.de;
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
 by phobos.denx.de (Postfix) with ESMTP id 4E5CA8697D;
 Mon, 31 Jul 2023 10:53:47 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key;
 unprotected) header.d=linaro.org header.i=@linaro.org header.b="BU6YE7Jw";
 dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 623C286988; Mon, 31 Jul 2023 10:53:45 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS,
 T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2
Received: from mail-pf1-x42e.google.com (mail-pf1-x42e.google.com
 [IPv6:2607:f8b0:4864:20::42e])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 17BCE868DA
 for <u-boot@lists.denx.de>; Mon, 31 Jul 2023 10:53:43 +0200 (CEST)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=masahisa.kojima@linaro.org
Received: by mail-pf1-x42e.google.com with SMTP id
 d2e1a72fcca58-6873a30d02eso436688b3a.3
 for <u-boot@lists.denx.de>; Mon, 31 Jul 2023 01:53:43 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=linaro.org; s=google; t=1690793621; x=1691398421;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:from:to:cc:subject:date:message-id:reply-to;
 bh=mPo+KPk+kKEnIL+vJbVNou2m5DZN5rPFcBMbtZG+yEE=;
 b=BU6YE7JwFUdlyvAi2Ey6JVammRSsI+pc5vECe+7OV7bf61pZpXYsQAko/Lryxtb1zS
 nTi/+kMqArNk4c3KEuulyu4oLwnOcRtedjdg/RVW8WsJlpWaRFhe6omOwLINUCZ0FOc2
 BRnE9l+9LR8hzVFB9+QgT38vGbsZUYAr9P05gJmh+x/fFBI7Xa1S3np/gOehQN70o6Qd
 3mjsw2Kefka/yPr+ROou961xvQ3965Ndt7c0sad2Ud36npVTjJ30gUKcIxZekmJGgtaU
 QOozo+0SWuCihu72zESF2k9sBGvTKkKqAznbT2XhstBxEqd9srquPyzTdQj+xmvoHUiE
 r+Ww==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20221208; t=1690793621; x=1691398421;
 h=content-transfer-encoding:mime-version:message-id:date:subject:cc
 :to:from:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=mPo+KPk+kKEnIL+vJbVNou2m5DZN5rPFcBMbtZG+yEE=;
 b=J0tIYX4a6mhkdzugv991Fyz225DYlUMCs8mtpZTFBmsA+5U/qtUYrFPIO36DcAFX5R
 0oD3ef2CB8lSJomLIUukhEIFvemPl65V+e/gdYSGyrDjNlahcqYdJLy+p2ivzPrFnXjj
 2EH/7+cQGprFMPXp/ReiK83iop8aP2mF2Yl8g2Co6jXIFjyXgR1CycPUT0XUaN1DarkK
 aOV1YbZHOCUd0djw++hrcHWY+AR0IAH0CHLJT+B5K4kvZMxAMHOWFisJS6jNdWHk+rFv
 WQsXmnA0tCXYts14PJPW0cT/PnE2/7fBt6a1V4/hL+hELBR0fIrE0inJ+1NISFEzgv1K
 88fQ==
X-Gm-Message-State: ABy/qLbI/pSbdstUT1YtIBzsGkCgxKn/phMKQhUi2fXFudui3IiPJXxg
 +tS4hZ4XFPAvb2WjTafON2ZfPE/aR9AoScA+Dwg=
X-Received: by 2002:a05:6a20:9193:b0:137:ff56:e871 with SMTP id
 v19-20020a056a20919300b00137ff56e871mr9896407pzd.33.1690793621061;
 Mon, 31 Jul 2023 01:53:41 -0700 (PDT)
Received: from localhost ([164.70.16.189]) by smtp.gmail.com with ESMTPSA id
 16-20020aa79210000000b00682af82a9desm7270409pfo.98.2023.07.31.01.53.40
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Mon, 31 Jul 2023 01:53:40 -0700 (PDT)
From: Masahisa Kojima <masahisa.kojima@linaro.org>
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Ilias Apalodimas <ilias.apalodimas@linaro.org>,
 Masahisa Kojima <masahisa.kojima@linaro.org>
Subject: [PATCH] efi_loader: check uuid_str_to_bin return value
Date: Mon, 31 Jul 2023 17:53:02 +0900
Message-Id: <20230731085302.1049459-1-masahisa.kojima@linaro.org>
X-Mailer: git-send-email 2.34.1
MIME-Version: 1.0
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de
X-Virus-Status: Clean

Check the uuid_str_to_bin return value, skip the node
if the image-type-id property is wrong format.

Addresses-Coverity-ID: 463145 ("Error handling issues")
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---
 lib/efi_loader/efi_firmware.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/lib/efi_loader/efi_firmware.c b/lib/efi_loader/efi_firmware.c
index b557738370..9abb29f1df 100644
--- a/lib/efi_loader/efi_firmware.c
+++ b/lib/efi_loader/efi_firmware.c
@@ -159,7 +159,7 @@ static void efi_firmware_get_lsv_from_dtb(u8 image_index,
 	const fdt32_t *val;
 	const char *guid_str;
 	int len, offset, index;
-	int parent;
+	int parent, ret;
 
 	*lsv = 0;
 
@@ -173,7 +173,11 @@ static void efi_firmware_get_lsv_from_dtb(u8 image_index,
 		guid_str = fdt_getprop(fdt, offset, "image-type-id", &len);
 		if (!guid_str)
 			continue;
-		uuid_str_to_bin(guid_str, guid.b, UUID_STR_FORMAT_GUID);
+		ret = uuid_str_to_bin(guid_str, guid.b, UUID_STR_FORMAT_GUID);
+		if (ret < 0) {
+			log_warning("Wrong image-type-id format.\n");
+			continue;
+		}
 
 		val = fdt_getprop(fdt, offset, "image-index", &len);
 		if (!val)