summary refs log tree commit diff stats
path: root/results/classifier/accel-gemma3:12b/vmm/1879998
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/accel-gemma3:12b/vmm/1879998')
-rw-r--r--results/classifier/accel-gemma3:12b/vmm/187999828
1 files changed, 28 insertions, 0 deletions
diff --git a/results/classifier/accel-gemma3:12b/vmm/1879998 b/results/classifier/accel-gemma3:12b/vmm/1879998
new file mode 100644
index 000000000..827b46909
--- /dev/null
+++ b/results/classifier/accel-gemma3:12b/vmm/1879998
@@ -0,0 +1,28 @@
+
+Bad check for return value of mmap()
+
+In
+./roms/skiboot/extract-gcov.c
+there is this code:
+
+        addr = mmap(NULL, sb.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
+        assert(addr != NULL);
+
+This check is wrong, mmap never returns NULL, on errors it returns MAP_FAILED (or -1). (Also sidenote: asserts usually shouldn't be used for error checking.)
+
+In
+roms/skiboot/libstb/print-container.c
+there's a similar issue:
+
+        payload = mmap(NULL, payload_st.st_size - SECURE_BOOT_HEADERS_SIZE,
+                        PROT_READ, MAP_PRIVATE, fdin, SECURE_BOOT_HEADERS_SIZE);
+        if (!payload)
+
+This if should be (payload == MAP_FAILED).
+
+Another one is in
+./roms/skiboot/libstb/create-container.c
+
+And in
+./roms/u-boot/tools/aisimage.c
+there's an mmap call that does not check the return value at all.
\ No newline at end of file