Re: [PATCH] hw/tpm/tpm_tis_common.c: Assert that locty is in range

[Peter Maydell]

On Wed, 18 May 2022 at 14:46, Stefan Berger <stefanb@linux.ibm.com> wrote:
>
>
>
> On 5/13/22 12:38, Peter Maydell wrote:
> > In tpm_tis_mmio_read(), tpm_tis_mmio_write() and
> > tpm_tis_dump_state(), we calculate a locality index with
> > tpm_tis_locality_from_addr() and then use it as an index into the
> > s->loc[] array.  In all these cases, the array index can't overflow
> > because the MemoryRegion is sized to be TPM_TIS_NUM_LOCALITIES <<
> > TPM_TIS_LOCALITY_SHIFT bytes.  However, Coverity can't see that, and
> > it complains (CID 1487138, 1487180, 1487188, 1487198, 1487240).
>

> All 3 of your fixes below are after the 3 existing calls to
> tpm_tis_locality_from_addr(). Would Coverity be happy if we were to move
> the asserts into that one function? I am fine with this patch, though.

Yes, I think Coverity would be happy either way. There's not
a lot in it, but I picked this way round because in theory one
might want in a hypothetical future situation to have a different
kind of error checking for a callsite that did an address-to-locality
lookup: it's not inherently of itself never possible it can fail.

thanks
-- PMM