Make efidp_make_file() have even more, better input constraints.

This is all in the effort to convince coverity that it doesn't
dereference buf when size==0, which it already doesn't.

Signed-off-by: Peter Jones <pjones@redhat.com>

diff --git a/src/dp-media.c b/src/dp-media.c
index cec6b8b..96a576f 100644 (file)
--- a/src/dp-media.c
+++ b/src/dp-media.c
@@ -162,6 +162,12 @@ efidp_make_file(uint8_t *buf, ssize_t size, char *filepath)
        ssize_t len = utf8len(lf, -1) + 1;
        ssize_t req = sizeof (*file) + len * sizeof (uint16_t);
 
+       if (len == 0) {
+               errno = EINVAL;
+               efi_error("%s() called with %s file path", __func__,
+                         filepath == NULL ? "NULL" : "empty");
+               return -1;
+       }
        sz = efidp_make_generic(buf, size, EFIDP_MEDIA_TYPE, EFIDP_MEDIA_FILE,
                                req);
        if (size && sz == req) {

diff --git a/src/dp.c b/src/dp.c
index 4e76e25..82d60b4 100644 (file)
--- a/src/dp.c
+++ b/src/dp.c
@@ -443,9 +443,17 @@ efidp_make_generic(uint8_t *buf, ssize_t size, uint8_t type, uint8_t subtype,
 
        if (!size)
                return total_size;
+
+       if (!buf) {
+               errno = EINVAL;
+               efi_error("%s was called with nonzero size and NULL buffer",
+                         __func__);
+               return -1;
+       }
+
        if (size < total_size) {
-               efi_error("total size is bigger than size limit");
                errno = ENOSPC;
+               efi_error("total size is bigger than size limit");
                return -1;
        }