From 2deb5fb3b07e07ee3d0d142723e2a25f5982d417 Mon Sep 17 00:00:00 2001
From: John Zhao <john.zhao@intel.com>
Date: Wed, 29 May 2019 18:12:01 -0700
Subject: src/device: Prevent attack on null pointer dereference

Clang Static Analyzer version 8.0.0 detects access to field dev results
in a dereference of a null pointer which is loaded from variable bus.
Add sanity check for pointer bus to prevent null pointer dereference.

TEST=Built and boot up to kernel.

Change-Id: I084906c33065eaa834f50c545efcfab620658ec9
Signed-off-by: John Zhao <john.zhao@intel.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/33101
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Lijian Zhao <lijian.zhao@intel.com>
---
 src/device/device.c | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'src/device')

diff --git a/src/device/device.c b/src/device/device.c
index 1b4255bffe..17cd8f4ab8 100644
--- a/src/device/device.c
+++ b/src/device/device.c
@@ -340,6 +340,9 @@ static void compute_resources(struct bus *bus, struct resource *bridge,
 	resource_t base;
 	base = round(bridge->base, bridge->align);
 
+	if (!bus)
+		return;
+
 	printk(BIOS_SPEW,  "%s %s: base: %llx size: %llx align: %d gran: %d"
 	       " limit: %llx\n", dev_path(bus->dev), resource2str(bridge),
 	       base, bridge->size, bridge->align,
@@ -484,6 +487,9 @@ static void allocate_resources(struct bus *bus, struct resource *bridge,
 	resource_t base;
 	base = bridge->base;
 
+	if (!bus)
+		return;
+
 	printk(BIOS_SPEW, "%s %s: base:%llx size:%llx align:%d gran:%d "
 	       "limit:%llx\n", dev_path(bus->dev),
 	       resource2str(bridge),
-- 
cgit v1.2.3