Fwd: New Defects reported by Coverity Scan for Das U-Boot

Raymond Mao raymondmaoca at gmail.com
Sat May 2 00:51:19 CEST 2026 

Hi Michal,

On Wed, Apr 29, 2026 at 2:31 AM Michal Simek <michal.simek at amd.com> wrote:
>
>
>
> On 4/28/26 16:04, Tom Rini wrote:
> > Here's the latest report.
> >
> > ---------- Forwarded message ---------
> > From: <scan-admin at coverity.com>
> > Date: Mon, Apr 27, 2026, 5:41 PM
> > Subject: New Defects reported by Coverity Scan for Das U-Boot
> > To: <tom.rini at gmail.com>
> >
> >
> > Hi,
> >
> > Please find the latest report on new defect(s) introduced to *Das U-Boot*
> > found with Coverity Scan.
> >
> >     - *New Defects Found:* 9
> >     - 77 defect(s), reported by Coverity Scan earlier, were marked fixed in
> >     the recent build analyzed by Coverity Scan.
> >     - *Defects Shown:* Showing 9 of 9 defect(s)
> >
> > Defect Details
> >
> >
> > ** CID 645841:       Incorrect expression  (BAD_COMPARE)
> > /common/bloblist.c: 303           in bloblist_apply_blobs()
> >
> >
> > _____________________________________________________________________________________________
> > *** CID 645841:         Incorrect expression  (BAD_COMPARE)
> > /common/bloblist.c: 303             in bloblist_apply_blobs()
> > 297                                   log_err("Failed to apply blob with tag %d\n",
> > 298                                           tag);
> > 299                                   return ret;
> > 300                           }
> > 301
> > 302                           rec = rec_from_blob(blob - dat_off);
> >>>>      CID 645841:         Incorrect expression  (BAD_COMPARE)
> >>>>      Comparing pointer "rec" against "NULL" using anything besides "==" or "!=" is likely to be incorrect.
> > 303                           if (rec <= 0) {
> > 304                                   log_err("Blob corrupted\n");
> > 305                                   return -ENOENT;
> > 306                           }
> > 307
> > 308                           /* Mark applied blob record as void */
> >
>
> I sent a patch for this one.
>
>
> > ** CID 645839:       Error handling issues  (CHECKED_RETURN)
> > /lib/fdtdec.c: 1785           in fdtdec_apply_bloblist_dtos()
> >
> >
> > _____________________________________________________________________________________________
> > *** CID 645839:         Error handling issues  (CHECKED_RETURN)
> > /lib/fdtdec.c: 1785             in fdtdec_apply_bloblist_dtos()
> > 1779
> > 1780          ret = bloblist_apply_blobs(BLOBLISTT_FDT_OVERLAY,
> > fdtdec_apply_dto_blob);
> > 1781          if (ret)
> > 1782                  return ret;
> > 1783
> > 1784          /* Shink the blob to the actual FDT size */
> >>>>      CID 645839:         Error handling issues  (CHECKED_RETURN)
> >>>>      Calling "fdt_pack" without checking return value (as is done elsewhere 5 out of 6 times).
> > 1785          fdt_pack(live_fdt);
> > 1786          return bloblist_resize(BLOBLISTT_CONTROL_FDT,
> > fdt_totalsize(live_fdt));
> > 1787     }
> > 1788
> > 1789     int fdtdec_setup(void)
> > 1790     {
> >
>
> And this one.
>

Thanks for solving these two.

Raymond

> M

More information about the U-Boot mailing list