[PATCH 3/7] hw/block/pflash_cfi01: Don't decrement pfl->counter below 0

qemu-block

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[PATCH 3/7] hw/block/pflash_cfi01: Don't decrement pfl->counter below 0

From:	Peter Maydell
Subject:	[PATCH 3/7] hw/block/pflash_cfi01: Don't decrement pfl->counter below 0
Date:	Wed, 31 Jul 2024 15:36:13 +0100

In pflash_write() Coverity points out that we can decrement the
unsigned pfl->counter below zero, which makes it wrap around.  In
fact this is harmless, because if pfl->counter is 0 at this point we
also increment pfl->wcycle to 3, and the wcycle == 3 handling doesn't
look at counter; the only way back into code which looks at the
counter value is via wcycle == 1, which will reinitialize the counter.
But it's arguably a little clearer to break early in the "counter ==
0" if(), to avoid the decrement-below-zero.

Resolves: Coverity CID 1547611
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
---
 hw/block/pflash_cfi01.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/hw/block/pflash_cfi01.c b/hw/block/pflash_cfi01.c
index c8f1cf5a872..2f3d1dd509c 100644
--- a/hw/block/pflash_cfi01.c
+++ b/hw/block/pflash_cfi01.c
@@ -614,6 +614,7 @@ static void pflash_write(PFlashCFI01 *pfl, hwaddr offset,
             if (!pfl->counter) {
                 trace_pflash_write(pfl->name, "block write finished");
                 pfl->wcycle++;
+                break;
             }
 
             pfl->counter--;
-- 
2.34.1

[Prev in Thread]

Current Thread

[Next in Thread]

[PATCH 0/7] block: Miscellaneous minor Coverity fixes, Peter Maydell, 2024/07/31
- [PATCH 1/7] block/vdi.c: Avoid potential overflow when calculating size of write, Peter Maydell, 2024/07/31
  - Re: [PATCH 1/7] block/vdi.c: Avoid potential overflow when calculating size of write, Kevin Wolf, 2024/07/31
  - Re: [PATCH 1/7] block/vdi.c: Avoid potential overflow when calculating size of write, Stefan Weil, 2024/07/31
- [PATCH 2/7] block/gluster: Use g_autofree for string in qemu_gluster_parse_json(), Peter Maydell, 2024/07/31
  - Re: [PATCH 2/7] block/gluster: Use g_autofree for string in qemu_gluster_parse_json(), Kevin Wolf, 2024/07/31
  - Re: [PATCH 2/7] block/gluster: Use g_autofree for string in qemu_gluster_parse_json(), Philippe Mathieu-Daudé, 2024/07/31
- [PATCH 3/7] hw/block/pflash_cfi01: Don't decrement pfl->counter below 0, Peter Maydell <=
  - Re: [PATCH 3/7] hw/block/pflash_cfi01: Don't decrement pfl->counter below 0, Kevin Wolf, 2024/07/31
- [PATCH 6/7] hw/ide/pci.c: Remove dead code from bmdma_prepare_buf(), Peter Maydell, 2024/07/31
  - Re: [PATCH 6/7] hw/ide/pci.c: Remove dead code from bmdma_prepare_buf(), Kevin Wolf, 2024/07/31
    - Re: [PATCH 6/7] hw/ide/pci.c: Remove dead code from bmdma_prepare_buf(), Philippe Mathieu-Daudé, 2024/07/31
- [PATCH 4/7] hw/ide/atapi: Be explicit that assigning to s->lcyl truncates, Peter Maydell, 2024/07/31
  - Re: [PATCH 4/7] hw/ide/atapi: Be explicit that assigning to s->lcyl truncates, Markus Armbruster, 2024/07/31
    - Re: [PATCH 4/7] hw/ide/atapi: Be explicit that assigning to s->lcyl truncates, Peter Maydell, 2024/07/31
  - Re: [PATCH 4/7] hw/ide/atapi: Be explicit that assigning to s->lcyl truncates, Kevin Wolf, 2024/07/31
- [PATCH 7/7] block/ssh.c: Don't double-check that characters are hex digits, Peter Maydell, 2024/07/31
  - Re: [PATCH 7/7] block/ssh.c: Don't double-check that characters are hex digits, Kevin Wolf, 2024/07/31

Prev by Date: [PATCH 2/7] block/gluster: Use g_autofree for string in qemu_gluster_parse_json()
Next by Date: [PATCH 6/7] hw/ide/pci.c: Remove dead code from bmdma_prepare_buf()
Previous by thread: Re: [PATCH 2/7] block/gluster: Use g_autofree for string in qemu_gluster_parse_json()
Next by thread: Re: [PATCH 3/7] hw/block/pflash_cfi01: Don't decrement pfl->counter below 0
Index(es):
- Date
- Thread