mirror of
				https://github.com/qemu/qemu.git
				synced 2025-10-26 12:03:40 +00:00 
			
		
		
		
	 5e29521a82
			
		
	
	
		5e29521a82
		
	
	
	
	
		
			
			The value returned by qemu_find_file() must be freed.
This fixes Coverity issue CID 1430449, which points out
that the memory returned by qemu_find_file() is leaked.
Fixes: Coverity CID 1430449 (RESOURCE_LEAK)
Fixes: 7dd8f6fde4 ('hw/avr: Add support for loading ELF/raw binaries')
Signed-off-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Michael Rolnik <mrolnik@gmail.com>
Tested-by: Michael Rolnik <mrolnik@gmail.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Message-Id: <20200714164257.23330-5-f4bug@amsat.org>
		
	
			
		
			
				
	
	
		
			116 lines
		
	
	
		
			3.8 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
			
		
		
	
	
			116 lines
		
	
	
		
			3.8 KiB
		
	
	
	
		
			C
		
	
	
	
	
	
| /*
 | |
|  * AVR loader helpers
 | |
|  *
 | |
|  * Copyright (c) 2019-2020 Philippe Mathieu-Daudé
 | |
|  *
 | |
|  * This work is licensed under the terms of the GNU GPLv2 or later.
 | |
|  * See the COPYING file in the top-level directory.
 | |
|  * SPDX-License-Identifier: GPL-2.0-or-later
 | |
|  */
 | |
| 
 | |
| #include "qemu/osdep.h"
 | |
| #include "qemu-common.h"
 | |
| #include "hw/loader.h"
 | |
| #include "elf.h"
 | |
| #include "boot.h"
 | |
| #include "qemu/error-report.h"
 | |
| 
 | |
| static const char *avr_elf_e_flags_to_cpu_type(uint32_t flags)
 | |
| {
 | |
|     switch (flags & EF_AVR_MACH) {
 | |
|     case bfd_mach_avr1:
 | |
|         return AVR_CPU_TYPE_NAME("avr1");
 | |
|     case bfd_mach_avr2:
 | |
|         return AVR_CPU_TYPE_NAME("avr2");
 | |
|     case bfd_mach_avr25:
 | |
|         return AVR_CPU_TYPE_NAME("avr25");
 | |
|     case bfd_mach_avr3:
 | |
|         return AVR_CPU_TYPE_NAME("avr3");
 | |
|     case bfd_mach_avr31:
 | |
|         return AVR_CPU_TYPE_NAME("avr31");
 | |
|     case bfd_mach_avr35:
 | |
|         return AVR_CPU_TYPE_NAME("avr35");
 | |
|     case bfd_mach_avr4:
 | |
|         return AVR_CPU_TYPE_NAME("avr4");
 | |
|     case bfd_mach_avr5:
 | |
|         return AVR_CPU_TYPE_NAME("avr5");
 | |
|     case bfd_mach_avr51:
 | |
|         return AVR_CPU_TYPE_NAME("avr51");
 | |
|     case bfd_mach_avr6:
 | |
|         return AVR_CPU_TYPE_NAME("avr6");
 | |
|     case bfd_mach_avrtiny:
 | |
|         return AVR_CPU_TYPE_NAME("avrtiny");
 | |
|     case bfd_mach_avrxmega2:
 | |
|         return AVR_CPU_TYPE_NAME("xmega2");
 | |
|     case bfd_mach_avrxmega3:
 | |
|         return AVR_CPU_TYPE_NAME("xmega3");
 | |
|     case bfd_mach_avrxmega4:
 | |
|         return AVR_CPU_TYPE_NAME("xmega4");
 | |
|     case bfd_mach_avrxmega5:
 | |
|         return AVR_CPU_TYPE_NAME("xmega5");
 | |
|     case bfd_mach_avrxmega6:
 | |
|         return AVR_CPU_TYPE_NAME("xmega6");
 | |
|     case bfd_mach_avrxmega7:
 | |
|         return AVR_CPU_TYPE_NAME("xmega7");
 | |
|     default:
 | |
|         return NULL;
 | |
|     }
 | |
| }
 | |
| 
 | |
| bool avr_load_firmware(AVRCPU *cpu, MachineState *ms,
 | |
|                        MemoryRegion *program_mr, const char *firmware)
 | |
| {
 | |
|     g_autofree char *filename = NULL;
 | |
|     int bytes_loaded;
 | |
|     uint64_t entry;
 | |
|     uint32_t e_flags;
 | |
| 
 | |
|     filename = qemu_find_file(QEMU_FILE_TYPE_BIOS, firmware);
 | |
|     if (filename == NULL) {
 | |
|         error_report("Unable to find %s", firmware);
 | |
|         return false;
 | |
|     }
 | |
| 
 | |
|     bytes_loaded = load_elf_ram_sym(filename,
 | |
|                                     NULL, NULL, NULL,
 | |
|                                     &entry, NULL, NULL,
 | |
|                                     &e_flags, 0, EM_AVR, 0, 0,
 | |
|                                     NULL, true, NULL);
 | |
|     if (bytes_loaded >= 0) {
 | |
|         /* If ELF file is provided, determine CPU type reading ELF e_flags. */
 | |
|         const char *elf_cpu = avr_elf_e_flags_to_cpu_type(e_flags);
 | |
|         const char *mcu_cpu_type = object_get_typename(OBJECT(cpu));
 | |
|         int cpu_len = strlen(mcu_cpu_type) - strlen(AVR_CPU_TYPE_SUFFIX);
 | |
| 
 | |
|         if (entry) {
 | |
|             error_report("BIOS entry_point must be 0x0000 "
 | |
|                          "(ELF image '%s' has entry_point 0x%04" PRIx64 ")",
 | |
|                          firmware, entry);
 | |
|             return false;
 | |
|         }
 | |
|         if (!elf_cpu) {
 | |
|             warn_report("Could not determine CPU type for ELF image '%s', "
 | |
|                         "assuming '%.*s' CPU",
 | |
|                          firmware, cpu_len, mcu_cpu_type);
 | |
|             return true;
 | |
|         }
 | |
|         if (strcmp(elf_cpu, mcu_cpu_type)) {
 | |
|             error_report("Current machine: %s with '%.*s' CPU",
 | |
|                          MACHINE_GET_CLASS(ms)->desc, cpu_len, mcu_cpu_type);
 | |
|             error_report("ELF image '%s' is for '%.*s' CPU",
 | |
|                          firmware,
 | |
|                          (int)(strlen(elf_cpu) - strlen(AVR_CPU_TYPE_SUFFIX)),
 | |
|                          elf_cpu);
 | |
|             return false;
 | |
|         }
 | |
|     } else {
 | |
|         bytes_loaded = load_image_mr(filename, program_mr);
 | |
|     }
 | |
|     if (bytes_loaded < 0) {
 | |
|         error_report("Unable to load firmware image %s as ELF or raw binary",
 | |
|                      firmware);
 | |
|         return false;
 | |
|     }
 | |
|     return true;
 | |
| }
 |