From 4eef651ff503f81b778e5af0ed78354e0dec0dd7 Mon Sep 17 00:00:00 2001
From: Edward O'Callaghan <quasisec@google.com>
Date: Wed, 3 Feb 2021 11:19:41 +1100
Subject: [PATCH] programmer.h: Convert anon union to anon struct

Convert the anon union of registered masters in the mst
field of the flashctx to a anon struct. If we are going
to dereference a pointer there in an undefined way we
should crash and not plow ahead with invalid memory.

The user of the registered_masters type is therefore
responsible for querying the buses_supported field before
attempting to dereference a ptr field in the anon struct.

BUG=b:175849641
TEST=`flashrom -p internal --flash-name`

Change-Id: I576967a8599b923c902e39f177f39146291cc242
Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Reviewed-on: https://review.coreboot.org/c/flashrom/+/50246
Reviewed-by: Anastasia Klimchuk <aklm@chromium.org>
Reviewed-by: Peter Marheine <pmarheine@chromium.org>
Reviewed-by: Daniel Campello <campello@chromium.org>
Reviewed-by: Sam McNally <sammc@google.com>
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
---
 opaque.c     | 2 +-
 programmer.c | 3 ++-
 programmer.h | 2 +-
 spi.c        | 2 +-
 4 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/opaque.c b/opaque.c
index 276934fd1..e3103c891 100644
--- a/opaque.c
+++ b/opaque.c
@@ -48,7 +48,7 @@ int erase_opaque(struct flashctx *flash, unsigned int blockaddr, unsigned int bl
 
 int register_opaque_master(const struct opaque_master *mst)
 {
-	struct registered_master rmst;
+	struct registered_master rmst = {0};
 
 	if (!mst->probe || !mst->read || !mst->write || !mst->erase) {
 		msg_perr("%s called with incomplete master definition. "
diff --git a/programmer.c b/programmer.c
index bee60e386..42ea2e3b9 100644
--- a/programmer.c
+++ b/programmer.c
@@ -83,7 +83,8 @@ void fallback_chip_readn(const struct flashctx *flash, uint8_t *buf,
 int register_par_master(const struct par_master *mst,
 			    const enum chipbustype buses)
 {
-	struct registered_master rmst;
+	struct registered_master rmst = {0};
+
 	if (!mst->chip_writeb || !mst->chip_writew || !mst->chip_writel ||
 	    !mst->chip_writen || !mst->chip_readb || !mst->chip_readw ||
 	    !mst->chip_readl || !mst->chip_readn) {
diff --git a/programmer.h b/programmer.h
index 29a100be8..675a2594e 100644
--- a/programmer.h
+++ b/programmer.h
@@ -749,7 +749,7 @@ struct par_master {
 int register_par_master(const struct par_master *mst, const enum chipbustype buses);
 struct registered_master {
 	enum chipbustype buses_supported;
-	union {
+	struct {
 		struct par_master par;
 		struct spi_master spi;
 		struct opaque_master opaque;
diff --git a/spi.c b/spi.c
index aed2a927a..aa245d7e0 100644
--- a/spi.c
+++ b/spi.c
@@ -133,7 +133,7 @@ int spi_aai_write(struct flashctx *flash, const uint8_t *buf, unsigned int start
 
 int register_spi_master(const struct spi_master *mst)
 {
-	struct registered_master rmst;
+	struct registered_master rmst = {0};
 
 	if (!mst->write_aai || !mst->write_256 || !mst->read || !mst->command ||
 	    !mst->multicommand ||