coverity i2c Issue

Joel Sherrill joel.sherrill at oarcorp.com
Tue Nov 25 19:03:29 UTC 2014


Hi

These appear to be easy to address. I would appreciate someone
addressing these:

i2c/eeprom.c:

221
   
1. Condition address_bytes > 4, taking false branch
   
2. cond_at_most: Checking address_bytes > 4 implies
that address_bytes has the value which may be up to 4 on the false branch.
222  if (address_bytes > EEPROM_MAX_ADDRESS_BYTES) {
223    rtems_set_errno_and_return_minus_one(ERANGE);
224  }
225
   
3. Condition page_size_in_bytes > 128, taking true branch
226  if (page_size_in_bytes > EEPROM_MAX_PAGE_SIZE) {
227    page_size_in_bytes = EEPROM_MAX_PAGE_SIZE;
228  }
229
   
CID 1255517 (#1 of 1): Bad bit shift operation
(BAD_SHIFT)4. large_shift: In
expression size_in_bytes >> 8 * address_bytes, right shifting by more
than 31 bits has undefined behavior. The shift
amount, 8 * address_bytes, is as much as 32.
230  extra_address = size_in_bytes >> (8 * address_bytes);

I think line 230 should be something like:

if ( address_bytes == EEPROM_MAX_ADDRESS_BYTES )
  extra_address = 0;
else
  extra_address = size_in_bytes >> (8 * address_bytes);

That avoids the undefined behavior.

Comments

-- 
Joel Sherrill, Ph.D.             Director of Research & Development
joel.sherrill at OARcorp.com        On-Line Applications Research
Ask me about RTEMS: a free RTOS  Huntsville AL 35805
Support Available                (256) 722-9985

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rtems.org/pipermail/devel/attachments/20141125/e91482bc/attachment-0001.html>


More information about the devel mailing list