[scan-admin at coverity.com: New Defects reported by Coverity Scan for Das U-Boot]

Mon Sep 6 16:05:40 CEST 2021

Hello Tom!

Looks like it a false positive detection.
info and dev_desc are validated in few lines above:

609 |    if (!info.name[0] &&
610 |        fastboot_mmc_get_part_info(cmd, &dev_desc, &info, response)
< 0)
611 |        return;

30.08.21 20:39, Tom Rini пише:

> Hey all,
>
> Here's the latest report.
>
> ----- Forwarded message from scan-admin at coverity.com -----
>
> Date: Mon, 30 Aug 2021 16:58:54 +0000 (UTC)
> From: scan-admin at coverity.com
> To: tom.rini at gmail.com
> Subject: New Defects reported by Coverity Scan for Das U-Boot
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to Das U-Boot found with Coverity Scan.
>
> 2 new defect(s) introduced to Das U-Boot found with Coverity Scan.
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 2 of 2 defect(s)
>
>
> ** CID 338648:  Memory - illegal accesses  (UNINIT)
> /drivers/fastboot/fb_mmc.c: 618 in fastboot_mmc_flash_write()
>
>
> ________________________________________________________________________________________________________
> *** CID 338648:  Memory - illegal accesses  (UNINIT)
> /drivers/fastboot/fb_mmc.c: 618 in fastboot_mmc_flash_write()
> 612     
> 613     	if (is_sparse_image(download_buffer)) {
> 614     		struct fb_mmc_sparse sparse_priv;
> 615     		struct sparse_storage sparse;
> 616     		int err;
> 617     
>>>>     CID 338648:  Memory - illegal accesses  (UNINIT)
>>>>     Using uninitialized value "dev_desc".
> 618     		sparse_priv.dev_desc = dev_desc;
> 619     
> 620     		sparse.blksz = info.blksz;
> 621     		sparse.start = info.start;
> 622     		sparse.size = info.size;
> 623     		sparse.write = fb_mmc_sparse_write;
>
> ** CID 338647:  Integer handling issues  (DIVIDE_BY_ZERO)
>
>
> ________________________________________________________________________________________________________
> *** CID 338647:  Integer handling issues  (DIVIDE_BY_ZERO)
> /drivers/fastboot/fb_mmc.c: 631 in fastboot_mmc_flash_write()
> 625     		sparse.mssg = fastboot_fail;
> 626     
> 627     		printf("Flashing sparse image at offset " LBAFU "\n",
> 628     		       sparse.start);
> 629     
> 630     		sparse.priv = &sparse_priv;
>>>>     CID 338647:  Integer handling issues  (DIVIDE_BY_ZERO)
>>>>     In function call "write_sparse_image", division by expression "sparse.blksz" which may be zero has undefined behavior.
> 631     		err = write_sparse_image(&sparse, cmd, download_buffer,
> 632     					 response);
> 633     		if (!err)
> 634     			fastboot_okay(NULL, response);
> 635     	} else {
> 636     		write_raw_image(dev_desc, &info, cmd, download_buffer,
>
>
> ________________________________________________________________________________________________________
> To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoA22WlOQ-2By3ieUvdbKmOyw68TMVT4Kip-2BBzfOGWXJ5yIiYplmPF9KAnKIja4Zd7tU-3DB0R5_EEm8SbLgSDsaDZif-2Bv7ch8WqhKpLoKErHi4nXpwDNTsWpxO-2FB72i0SdTN3-2BHFJyiYovM6CPwd6hE024NqoJv2G1PZTeHMVC9jxFLJgI9alL1SVy-2FumNUJ7wQLM0LhmayO628LnXGSp6-2BQxL8eWMnX8DfYwdG1iiYjTCUb6p6N4KZqayMpDRL0dNo-2FZrxTT-2FAz2SR1H1kktB9lp0iaajH-2BQ-3D-3D
>
>   To manage Coverity Scan email notifications for "tom.rini at gmail.com", click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxWeIHzDeopm-2BEWQ6S6K-2FtUHv9ZTk8qZbuzkkz9sa-2BJFw4elYDyedRVZOC-2ButxjBZdouVmTGuWB6Aj6G7lm7t25-2Biv1B-2B9082pHzCCex2kqMs-3DiOdo_EEm8SbLgSDsaDZif-2Bv7ch8WqhKpLoKErHi4nXpwDNTsWpxO-2FB72i0SdTN3-2BHFJyiTVHAVBb1e5w6-2BMjbd4JHjfrBraKGFtJ28aslex2Dq-2BGKoKqFa9LXDqSXKh1T4x2FIG8bOrMBw8qOG48BL8SGCU5Fh4Mz3heVvRktq2Dv-2Bu-2Fb8WoqCxYHUiUWEtrXPETG439ARsKn2eC80b78pwPIaQ-3D-3D
>
>
> ----- End forwarded message -----
>