Fwd: New Defects reported by Coverity Scan for Das U-Boot

Tom Rini trini at konsulko.com
Thu Jan 18 15:35:58 CET 2024 

Here's the current set of new issues since I last ran Coverity.

---------- Forwarded message ---------
From: <scan-admin at coverity.com>
Date: Thu, Jan 18, 2024 at 9:20 AM
Subject: New Defects reported by Coverity Scan for Das U-Boot
To: <tom.rini at gmail.com>


Hi,

Please find the latest report on new defect(s) introduced to Das
U-Boot found with Coverity Scan.

2 new defect(s) introduced to Das U-Boot found with Coverity Scan.
16 defect(s), reported by Coverity Scan earlier, were marked fixed in
the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 478334:  Memory - corruptions  (OVERRUN)


________________________________________________________________________________________________________
*** CID 478334:  Memory - corruptions  (OVERRUN)
/cmd/eficonfig.c: 534 in eficonfig_create_device_path()
528             p += fp_size;
529             *((struct efi_device_path *)p) = END;
530
531             dp = efi_dp_shorten(dp_volume);
532             if (!dp)
533                     dp = dp_volume;
>>>     CID 478334:  Memory - corruptions  (OVERRUN)
>>>     Overrunning struct type efi_device_path of 4 bytes by passing it to a function which accesses it at byte offset 5 using argument "fp->dp.length" (which evaluates to 6).
534             dp = efi_dp_concat(dp, &fp->dp, false);
535             free(buf);
536
537             return dp;
538     }
539

** CID 478333:  Error handling issues  (CHECKED_RETURN)
/lib/efi_loader/efi_firmware.c: 413 in efi_firmware_set_fmp_state_var()


________________________________________________________________________________________________________
*** CID 478333:  Error handling issues  (CHECKED_RETURN)
/lib/efi_loader/efi_firmware.c: 413 in efi_firmware_set_fmp_state_var()
407             /*
408              * GetVariable may fail, EFI_NOT_FOUND is returned if FmpState
409              * variable has not been set yet.
410              * Ignore the error here since the correct FmpState variable
411              * is set later.
412              */
>>>     CID 478333:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "efi_get_variable_int" without checking return value (as is done elsewhere 29 out of 33 times).
413             efi_get_variable_int(varname, image_type_id, NULL,
&size, var_state,
414                                  NULL);
415
416             /*
417              * Only the fw_version is set here.
418              * lowest_supported_version in FmpState variable is
ignored since



-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20240118/47bb443b/attachment.sig>

More information about the U-Boot mailing list