From 482a700abf487380c2b46bc609357de78eedae3c Mon Sep 17 00:00:00 2001
From: Axel Heider <axel.heider@hensoldt.net>
Date: Mon, 20 Mar 2023 23:33:58 +0100
Subject: [PATCH] vm_arm: check return codes properly

- simple_get_untyped_count() can return an error code.
- camkes_dtb_untyped_count() may also return an error, given the current
  signature does not specify it only returns unsigned integers.

Signed-off-by: Axel Heider <axel.heider@hensoldt.net>
---
 components/Init/src/main.c   | 4 +++-
 components/VM_Arm/src/main.c | 8 ++++++--
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/components/Init/src/main.c b/components/Init/src/main.c
index c80fa411..b5bcecda 100644
--- a/components/Init/src/main.c
+++ b/components/Init/src/main.c
@@ -198,7 +198,9 @@ void pre_init(void)
     }
 
     /* add untyped mmios */
-    for (int i = 0; i < simple_get_untyped_count(&camkes_simple); i++) {
+    int cnt = simple_get_untyped_count(&camkes_simple);
+    assert(cnt >= 0); /* This shall never fail. */
+    for (int i = 0; i < cnt; i++) {
         size_t size;
         uintptr_t paddr;
         bool device;
diff --git a/components/VM_Arm/src/main.c b/components/VM_Arm/src/main.c
index 1865d404..c4e0f280 100644
--- a/components/VM_Arm/src/main.c
+++ b/components/VM_Arm/src/main.c
@@ -437,7 +437,9 @@ static int vmm_init(void)
     utspace_alloc_at_copy = vka->utspace_alloc_at;
     vka->utspace_alloc_at = camkes_vm_utspace_alloc_at;
 
-    for (int i = 0; i < simple_get_untyped_count(simple); i++) {
+    int cnt = simple_get_untyped_count(simple);
+    assert(cnt >= 0); /* This shall never fail. */
+    for (int i = 0; i < cnt; i++) {
         size_t size;
         uintptr_t paddr;
         bool device;
@@ -454,7 +456,9 @@ static int vmm_init(void)
     }
 
     if (camkes_dtb_untyped_count) {
-        for (int i = 0; i < camkes_dtb_untyped_count(); i++) {
+        cnt = camkes_dtb_untyped_count();
+        assert(cnt >= 0); /* This shall never fail. */
+        for (int i = 0; i < cnt; i++) {
             size_t size;
             uintptr_t paddr;
             seL4_CPtr cap = camkes_dtb_get_nth_untyped(i, &size, &paddr);