[PATCH v2 0/2] common: buffer access out-of-bounds

[PATCH v2 0/2] common: buffer access out-of-bounds

[Abdelrahman Youssef via B4 Relay]

Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>
---
Abdelrahman Youssef (2):
      include: Include <linux/math.h> to resolve implicit declaration of do_div()
      common: buffer access out-of-bounds

 common/filetype.c     | 8 ++++----
 include/linux/ktime.h | 1 +
 2 files changed, 5 insertions(+), 4 deletions(-)
---
base-commit: 9d47ff66c3892c5a6ddd4704993365a797fbeb68
change-id: 20241017-errors_fixes-81248755b864

Best regards,
-- 
Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>

[PATCH v2 1/2] include: Include <linux/math.h> to resolve implicit declaration of do_div()

[Abdelrahman Youssef via B4 Relay]

From: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>

I was testing barebox with randconfig, so I got a warning (treated as an error) : implicit declaration of do_div().
So <linux/math.h> needs to included.

Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>
---
 include/linux/ktime.h | 1 +
 1 file changed, 1 insertion(+)

diff --git a/include/linux/ktime.h b/include/linux/ktime.h
index ea368b8802..2b9a91d540 100644
--- a/include/linux/ktime.h
+++ b/include/linux/ktime.h
@@ -21,6 +21,7 @@
 #ifndef _LINUX_KTIME_H
 #define _LINUX_KTIME_H
 
+#include <linux/math.h>
 #include <linux/time.h>
 #include <clock.h>
 #include <linux/bug.h>

-- 
2.43.0

Re: [PATCH v2 1/2] include: Include <linux/math.h> to resolve implicit declaration of do_div()

[Ahmad Fatoum]

Hello Abdelrahman,

On 18.10.24 13:45, Abdelrahman Youssef via B4 Relay wrote:
> From: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>
> 
> I was testing barebox with randconfig, so I got a warning (treated as an error) : implicit declaration of do_div().
> So <linux/math.h> needs to included.
> 
> Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>

If there's no changes to v1, there no need to resend.

Cheers,
Ahmad

> ---
>  include/linux/ktime.h | 1 +
>  1 file changed, 1 insertion(+)
> 
> diff --git a/include/linux/ktime.h b/include/linux/ktime.h
> index ea368b8802..2b9a91d540 100644
> --- a/include/linux/ktime.h
> +++ b/include/linux/ktime.h
> @@ -21,6 +21,7 @@
>  #ifndef _LINUX_KTIME_H
>  #define _LINUX_KTIME_H
>  
> +#include <linux/math.h>
>  #include <linux/time.h>
>  #include <clock.h>
>  #include <linux/bug.h>
> 


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

[PATCH v2 2/2] common: buffer access out-of-bounds

[Abdelrahman Youssef via B4 Relay]

From: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>

in file_detect_type() to detect file of type socfpga_xload you need at least
68 bytes bytes, so we need to check if we have enough bufsize.
So I moved it after checking if `bufsize >= 256`.

Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>
---
 common/filetype.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/common/filetype.c b/common/filetype.c
index 3690d4ae07..3f74871d7f 100644
--- a/common/filetype.c
+++ b/common/filetype.c
@@ -374,9 +374,6 @@ enum filetype file_detect_type(const void *_buf, size_t bufsize)
 	if (le32_to_cpu(buf[5]) == 0x504d5453)
 		return filetype_mxs_bootstream;
 
-	if (buf[16] == 0x31305341)
-		return filetype_socfpga_xload;
-
 	if (is_barebox_arm_head(_buf))
 		return filetype_arm_barebox;
 	if (buf[9] == 0x016f2818 || buf[9] == 0x18286f01)
@@ -388,7 +385,10 @@ enum filetype file_detect_type(const void *_buf, size_t bufsize)
 	if (bufsize < 256)
 		return filetype_unknown;
 
-	if (strncmp(buf8, "STM\x32", 4) == 0) {
+	if (buf[16] == 0x31305341)
+		return filetype_socfpga_xload;
+
+    if (strncmp(buf8, "STM\x32", 4) == 0) {
 		if (buf8[74] == 0x01) {
 			switch(le32_to_cpu(buf[63])) {
 			case 0x00000000:

-- 
2.43.0

Re: [PATCH v2 2/2] common: buffer access out-of-bounds

[Ahmad Fatoum]

Hi,

On 18.10.24 13:45, Abdelrahman Youssef via B4 Relay wrote:
> From: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>
> 
> in file_detect_type() to detect file of type socfpga_xload you need at least
> 68 bytes bytes, so we need to check if we have enough bufsize.
> So I moved it after checking if `bufsize >= 256`.
> 
> Signed-off-by: Abdelrahman Youssef <abdelrahmanyossef12@gmail.com>

Given that there's a small thing to fix with this patch, please resend
it separately with below point addressed.

> ---
>  common/filetype.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)
> 
> diff --git a/common/filetype.c b/common/filetype.c
> index 3690d4ae07..3f74871d7f 100644
> --- a/common/filetype.c
> +++ b/common/filetype.c
> @@ -374,9 +374,6 @@ enum filetype file_detect_type(const void *_buf, size_t bufsize)
>  	if (le32_to_cpu(buf[5]) == 0x504d5453)
>  		return filetype_mxs_bootstream;
>  
> -	if (buf[16] == 0x31305341)
> -		return filetype_socfpga_xload;
> -
>  	if (is_barebox_arm_head(_buf))
>  		return filetype_arm_barebox;
>  	if (buf[9] == 0x016f2818 || buf[9] == 0x18286f01)
> @@ -388,7 +385,10 @@ enum filetype file_detect_type(const void *_buf, size_t bufsize)
>  	if (bufsize < 256)
>  		return filetype_unknown;
>  
> -	if (strncmp(buf8, "STM\x32", 4) == 0) {
> +	if (buf[16] == 0x31305341)
> +		return filetype_socfpga_xload;
> +
> +    if (strncmp(buf8, "STM\x32", 4) == 0) {

This whitespace change is unrelated to your fix.

>  		if (buf8[74] == 0x01) {
>  			switch(le32_to_cpu(buf[63])) {
>  			case 0x00000000:
> 


-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |