fs: prevent out of place write when no data

Fixes: "Uninitialized return value returned if len equals 0" as reported by Riscure. Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org> Tested-by: Joakim Bech <joakim.bech@linaro.org> (QEMU v7, v8) Reviewed-by: Joakim Bech <joakim.bech@linaro.org> Reported-by: Riscure <inforequest@riscure.com> Reported-by: Alyssa Milburn <a.a.milburn@vu.nl> Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
author: Jens Wiklander <jens.wiklander@linaro.org> 2018-09-10 16:43:43 +0200
committer: Jérôme Forissier <jerome.forissier@linaro.org> 2019-01-21 18:28:37 +0100
commit: 8f58cdbe41688b6d8a5e8b06bfaef1b64c51309f (patch)
tree: d4a3848f118974cfc0ad94721ba334fb5126298b /core/tee
parent: 4ca9e426d8d17f1e1b19ebfa782f7f914e4f6c53 (diff)
1 files changed, 8 insertions, 0 deletions
diff --git a/core/tee/tee_ree_fs.c b/core/tee/tee_ree_fs.c
index e55234d1..42c9a75f 100644
--- a/core/tee/tee_ree_fs.c
+++ b/core/tee/tee_ree_fs.c
@@ -96,6 +96,14 @@ static TEE_Result out_of_place_write(struct tee_fs_fd *fdp, size_t pos,
 	uint8_t *block;
 	struct tee_fs_htree_meta *meta = tee_fs_htree_get_meta(fdp->ht);
 
+	/*
+	 * It doesn't make sense to call this function if nothing is to be
+	 * written. This also guards against end_block_num getting an
+	 * unexpected value when pos == 0 and len == 0.
+	 */
+	if (!len)
+		return TEE_ERROR_BAD_PARAMETERS;
+
 	block = get_tmp_block();
 	if (!block)
 		return TEE_ERROR_OUT_OF_MEMORY;
author	Jens Wiklander <jens.wiklander@linaro.org>	2018-09-10 16:43:43 +0200
committer	Jérôme Forissier <jerome.forissier@linaro.org>	2019-01-21 18:28:37 +0100
commit	8f58cdbe41688b6d8a5e8b06bfaef1b64c51309f (patch)
tree	d4a3848f118974cfc0ad94721ba334fb5126298b /core/tee
parent	4ca9e426d8d17f1e1b19ebfa782f7f914e4f6c53 (diff)