If fdt_getprop() returns NULL, this indicates an error. In this case lenp
is set to an error code. But even if lenp = 0 we should not continue.
If fdt_getprop() returns a wider value than we expect this is a separate
error condition.
In both cases the device-tree is invalid.
Addresses-Coverity-ID: 1529703 ("Dereference after null check")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Xiang W <wxjstz@126.com>
Reviewed-by: Anup Patel <anup@brainfault.org>
/* Read "base" DT property */
val = fdt_getprop(fdt, region_offset, "base", &len);
- if (!val && len >= 8)
+ if (!val || len != 8)
return SBI_EINVAL;
val64 = fdt32_to_cpu(val[0]);
val64 = (val64 << 32) | fdt32_to_cpu(val[1]);
/* Read "order" DT property */
val = fdt_getprop(fdt, region_offset, "order", &len);
- if (!val && len >= 4)
+ if (!val || len != 4)
return SBI_EINVAL;
val32 = fdt32_to_cpu(*val);
if (val32 < 3 || __riscv_xlen < val32)