Fwd: New Defects reported by Coverity Scan for Das U-Boot

Tom Rini trini at konsulko.com
Mon Nov 10 19:55:07 CET 2025 

Here's the latest report. Just 2 new issues, both from the extensions
series. Can we please address these shortly? Thanks!

---------- Forwarded message ---------
From: <scan-admin at coverity.com>
Date: Mon, Nov 10, 2025 at 12:44 PM
Subject: New Defects reported by Coverity Scan for Das U-Boot
To: <tom.rini at gmail.com>


Hi,

Please find the latest report on new defect(s) introduced to *Das U-Boot*
found with Coverity Scan.

   - *New Defects Found:* 2
   - 1 defect(s), reported by Coverity Scan earlier, were marked fixed in
   the recent build analyzed by Coverity Scan.
   - *Defects Shown:* Showing 2 of 2 defect(s)

Defect Details

** CID 638558:       Memory - illegal accesses  (UNINIT)
/boot/pxe_utils.c: 485           in label_boot_extension()


_____________________________________________________________________________________________
*** CID 638558:         Memory - illegal accesses  (UNINIT)
/boot/pxe_utils.c: 485             in label_boot_extension()
479     			return;
480
481     		snprintf(overlay_dir, dir_len, "%s%s", label->fdtdir,
482     			 slash);
483     	} else {
484     		dir_len = 2;
>>>     CID 638558:         Memory - illegal accesses  (UNINIT)
>>>     Using uninitialized value "overlay_dir" when calling "snprintf". [Note: The source code implementation of the function has been overridden by a builtin model.]
485     		snprintf(overlay_dir, dir_len, "/");
486     	}
487
488     	alist_for_each(extension, extension_list) {
489     		char *overlay_file;
490     		ulong size;

** CID 638557:       Null pointer dereferences  (NULL_RETURNS)


_____________________________________________________________________________________________
*** CID 638557:         Null pointer dereferences  (NULL_RETURNS)
/cmd/extension_board.c: 102             in do_extension_list()
96     {
97     	struct alist *extension_list;
98     	struct extension *extension;
99     	int i = 0;
100
101     	extension_list = extension_get_list();
>>>     CID 638557:         Null pointer dereferences  (NULL_RETURNS)
>>>     Dereferencing a pointer that might be "NULL" "extension_list" when calling "alist_get_ptr".
102     	if (!alist_get_ptr(extension_list, 0)) {
103     		printf("No extension registered - Please run \"extension scan\"\n");
104     		return CMD_RET_SUCCESS;
105     	}
106
107     	alist_for_each(extension, extension_list) {



View Defects in Coverity Scan
<https://scan.coverity.com/projects/das-u-boot?tab=overview>

Best regards,

The Coverity Scan Admin Team

----- End forwarded message -----

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20251110/bb3cb7ef/attachment.sig>

More information about the U-Boot mailing list