[scan-admin at coverity.com: New Defects reported by Coverity Scan for Das U-Boot]

Tom Rini trini at konsulko.com
Mon Sep 6 17:23:47 CEST 2021 

On Mon, Sep 06, 2021 at 05:05:40PM +0300, Oleh Kravchenko wrote:

> Hello Tom!
> 
> Looks like it a false positive detection.
> info and dev_desc are validated in few lines above:
> 
> 609 |    if (!info.name[0] &&
> 610 |        fastboot_mmc_get_part_info(cmd, &dev_desc, &info, response)
> < 0)
> 611 |        return;

Thanks for reviewing!  I've updated the CIDs.

> 
> 30.08.21 20:39, Tom Rini пише:
> 
> > Hey all,
> >
> > Here's the latest report.
> >
> > ----- Forwarded message from scan-admin at coverity.com -----
> >
> > Date: Mon, 30 Aug 2021 16:58:54 +0000 (UTC)
> > From: scan-admin at coverity.com
> > To: tom.rini at gmail.com
> > Subject: New Defects reported by Coverity Scan for Das U-Boot
> >
> > Hi,
> >
> > Please find the latest report on new defect(s) introduced to Das U-Boot found with Coverity Scan.
> >
> > 2 new defect(s) introduced to Das U-Boot found with Coverity Scan.
> >
> >
> > New defect(s) Reported-by: Coverity Scan
> > Showing 2 of 2 defect(s)
> >
> >
> > ** CID 338648:  Memory - illegal accesses  (UNINIT)
> > /drivers/fastboot/fb_mmc.c: 618 in fastboot_mmc_flash_write()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 338648:  Memory - illegal accesses  (UNINIT)
> > /drivers/fastboot/fb_mmc.c: 618 in fastboot_mmc_flash_write()
> > 612     
> > 613     	if (is_sparse_image(download_buffer)) {
> > 614     		struct fb_mmc_sparse sparse_priv;
> > 615     		struct sparse_storage sparse;
> > 616     		int err;
> > 617     
> >>>>     CID 338648:  Memory - illegal accesses  (UNINIT)
> >>>>     Using uninitialized value "dev_desc".
> > 618     		sparse_priv.dev_desc = dev_desc;
> > 619     
> > 620     		sparse.blksz = info.blksz;
> > 621     		sparse.start = info.start;
> > 622     		sparse.size = info.size;
> > 623     		sparse.write = fb_mmc_sparse_write;
> >
> > ** CID 338647:  Integer handling issues  (DIVIDE_BY_ZERO)
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 338647:  Integer handling issues  (DIVIDE_BY_ZERO)
> > /drivers/fastboot/fb_mmc.c: 631 in fastboot_mmc_flash_write()
> > 625     		sparse.mssg = fastboot_fail;
> > 626     
> > 627     		printf("Flashing sparse image at offset " LBAFU "\n",
> > 628     		       sparse.start);
> > 629     
> > 630     		sparse.priv = &sparse_priv;
> >>>>     CID 338647:  Integer handling issues  (DIVIDE_BY_ZERO)
> >>>>     In function call "write_sparse_image", division by expression "sparse.blksz" which may be zero has undefined behavior.
> > 631     		err = write_sparse_image(&sparse, cmd, download_buffer,
> > 632     					 response);
> > 633     		if (!err)
> > 634     			fastboot_okay(NULL, response);
> > 635     	} else {
> > 636     		write_raw_image(dev_desc, &info, cmd, download_buffer,
> >
> >
> > ________________________________________________________________________________________________________
> > To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoA22WlOQ-2By3ieUvdbKmOyw68TMVT4Kip-2BBzfOGWXJ5yIiYplmPF9KAnKIja4Zd7tU-3DB0R5_EEm8SbLgSDsaDZif-2Bv7ch8WqhKpLoKErHi4nXpwDNTsWpxO-2FB72i0SdTN3-2BHFJyiYovM6CPwd6hE024NqoJv2G1PZTeHMVC9jxFLJgI9alL1SVy-2FumNUJ7wQLM0LhmayO628LnXGSp6-2BQxL8eWMnX8DfYwdG1iiYjTCUb6p6N4KZqayMpDRL0dNo-2FZrxTT-2FAz2SR1H1kktB9lp0iaajH-2BQ-3D-3D
> >
> >   To manage Coverity Scan email notifications for "tom.rini at gmail.com", click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxWeIHzDeopm-2BEWQ6S6K-2FtUHv9ZTk8qZbuzkkz9sa-2BJFw4elYDyedRVZOC-2ButxjBZdouVmTGuWB6Aj6G7lm7t25-2Biv1B-2B9082pHzCCex2kqMs-3DiOdo_EEm8SbLgSDsaDZif-2Bv7ch8WqhKpLoKErHi4nXpwDNTsWpxO-2FB72i0SdTN3-2BHFJyiTVHAVBb1e5w6-2BMjbd4JHjfrBraKGFtJ28aslex2Dq-2BGKoKqFa9LXDqSXKh1T4x2FIG8bOrMBw8qOG48BL8SGCU5Fh4Mz3heVvRktq2Dv-2Bu-2Fb8WoqCxYHUiUWEtrXPETG439ARsKn2eC80b78pwPIaQ-3D-3D
> >
> >
> > ----- End forwarded message -----
> >

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20210906/29ff93fd/attachment.sig>

More information about the U-Boot mailing list