[tom.rini at gmail.com: Fwd: New Defects reported by Coverity Scan for Das U-Boot]

Shantur Rathore i at shantur.com
Thu Dec 21 15:48:31 CET 2023 

Hi Tom,

On Mon, Dec 18, 2023 at 4:26 PM Tom Rini <trini at konsulko.com> wrote:
>
> Here's the latest report.
>
> ---------- Forwarded message ---------
> From: <scan-admin at coverity.com>
> Date: Mon, Dec 18, 2023 at 8:42 AM
> Subject: New Defects reported by Coverity Scan for Das U-Boot
> To: <tom.rini at gmail.com>
>
>
> Hi,
>
> Please find the latest report on new defect(s) introduced to Das
> U-Boot found with Coverity Scan.
>
> 1 new defect(s) introduced to Das U-Boot found with Coverity Scan.
>
>
> New defect(s) Reported-by: Coverity Scan
> Showing 1 of 1 defect(s)
>
>
> ** CID 470930:  Uninitialized variables  (UNINIT)
> /boot/bootmeth_efi.c: 465 in distro_efi_boot()
>
>
> ________________________________________________________________________________________________________
> *** CID 470930:  Uninitialized variables  (UNINIT)
> /boot/bootmeth_efi.c: 465 in distro_efi_boot()
> 459              */
> 460             if (bflow->flags & BOOTFLOWF_USE_BUILTIN_FDT) {
> 461                     log_debug("Booting with built-in fdt\n");
> 462                     snprintf(cmd, sizeof(cmd), "bootefi %lx", kernel);
> 463             } else {
> 464                     log_debug("Booting with external fdt\n");
> >>>     CID 470930:  Uninitialized variables  (UNINIT)
> >>>     Using uninitialized value "fdt" when calling "snprintf". [Note: The source code implementation of the function has been overridden by a builtin model.]
> 465                     snprintf(cmd, sizeof(cmd), "bootefi %lx %lx",
> kernel, fdt);
> 466             }
> 467
> 468             if (run_command(cmd, 0))
> 469                     return log_msg_ret("run", -EINVAL);
> 470
>

The code in question is

if (!bootmeth_uses_network(bflow)) {
  // snip
  if (bflow->flags & ~BOOTFLOWF_USE_BUILTIN_FDT)
    fdt = bflow->fdt_addr;
} else {
  // snip
  fdt = env_get_hex("fdt_addr_r", 0);
}
//snip
if (bflow->flags & BOOTFLOWF_USE_BUILTIN_FDT) {
  log_debug("Booting with built-in fdt\n");
  snprintf(cmd, sizeof(cmd), "bootefi %lx", kernel);
} else {
  log_debug("Booting with external fdt\n");
  snprintf(cmd, sizeof(cmd), "bootefi %lx %lx", kernel, fdt);
}

I am unsure in which case is fdt uninitialised.
Unless the tool is being thrown off by different version of
bflow->flags & BOOTFLOWF_USE_BUILTIN_FDT
check, I don't see the problem.

Please let me know if you see it.

Kind regards,
Shantur

>
> --
> Tom

More information about the U-Boot mailing list