Hi,
Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
4 new defect(s) introduced to coreboot found with Coverity Scan. 48 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s)
** CID 1362811: Resource leaks (RESOURCE_LEAK) /src/southbridge/amd/sr5650/sr5650.c: 804 in add_ivrs_device_entries()
________________________________________________________________________________________________________ *** CID 1362811: Resource leaks (RESOURCE_LEAK) /src/southbridge/amd/sr5650/sr5650.c: 804 in add_ivrs_device_entries() 798 sibling = sibling->sibling) 799 add_ivrs_device_entries(dev, sibling, depth + 1, 800 depth, root_level, current, length); 801 802 if (depth == 0) 803 free(root_level);
CID 1362811: Resource leaks (RESOURCE_LEAK) Returning without freeing "root_level" leaks the storage that it points to.
804 } 805 806 unsigned long acpi_fill_mcfg(unsigned long current) 807 { 808 struct resource *res; 809 resource_t mmconf_base = EXT_CONF_BASE_ADDRESS;
** CID 1362810: Null pointer dereferences (NULL_RETURNS) /src/mainboard/intel/kunimitsu/spd/spd_util.c: 88 in mainboard_get_spd_data()
________________________________________________________________________________________________________ *** CID 1362810: Null pointer dereferences (NULL_RETURNS) /src/mainboard/intel/kunimitsu/spd/spd_util.c: 88 in mainboard_get_spd_data() 82 spd_index = get_spd_index(); 83 printk(BIOS_INFO, "SPD index %d\n", spd_index); 84 85 /* Load SPD data from CBFS */ 86 spd_file = cbfs_boot_map_with_leak("spd.bin", CBFS_TYPE_SPD, 87 &spd_file_len);
CID 1362810: Null pointer dereferences (NULL_RETURNS) Dereferencing a null pointer "spd_file".
88 if (!(*spd_file)) 89 die("SPD data not found."); 90 91 /* make sure we have at least one SPD in the file. */ 92 if (spd_file_len < SPD_LEN) 93 die("Missing SPD data.");
** CID 1362809: Null pointer dereferences (FORWARD_NULL) /src/soc/marvell/mvmap2315/load_validate.c: 97 in load_and_validate()
________________________________________________________________________________________________________ *** CID 1362809: Null pointer dereferences (FORWARD_NULL) /src/soc/marvell/mvmap2315/load_validate.c: 97 in load_and_validate() 91 = (void *)read32( 92 &mvmap2315_mcu_secconfig->boot_callback_pointer); 93 u8 image_digest[32]; 94 95 image_info = find_bdb_image(bdb_info, image_type); 96
CID 1362809: Null pointer dereferences (FORWARD_NULL) Comparing "image_info" to null implies that "image_info" might be null.
97 if (!image_info) 98 image_failure(); 99 100 set_flash_parameters(&flash_info, image_info); 101 102 if (flash_init(bootrom_info->flash_media, MVMAP2315_MMC_CLK_MHZ))
** CID 1362808: (CONSTANT_EXPRESSION_RESULT) /src/soc/marvell/mvmap2315/mcu.c: 34 in mvmap2315_calc_checksum() /src/soc/marvell/mvmap2315/mcu.c: 34 in mvmap2315_calc_checksum()
________________________________________________________________________________________________________ *** CID 1362808: (CONSTANT_EXPRESSION_RESULT) /src/soc/marvell/mvmap2315/mcu.c: 34 in mvmap2315_calc_checksum() 28 const u8 *bytes = data; 29 int i; 30 31 for (i = csum = 0; i < size; i++) 32 csum += bytes[i]; 33
CID 1362808: (CONSTANT_EXPRESSION_RESULT) The expression "~csum && 255" is suspicious because it performs a Boolean operation on a constant other than 0 or 1.
34 return (~csum) && 0xFF; 35 } 36 37 void mcu_irq(void) 38 { 39 printk(BIOS_DEBUG, "waiting for MCU msg...\n"); /src/soc/marvell/mvmap2315/mcu.c: 34 in mvmap2315_calc_checksum() 28 const u8 *bytes = data; 29 int i; 30 31 for (i = csum = 0; i < size; i++) 32 csum += bytes[i]; 33
CID 1362808: (CONSTANT_EXPRESSION_RESULT) "~csum" is always 1/true regardless of the values of its operand. This occurs as the logical first operand of "&&".
34 return (~csum) && 0xFF; 35 } 36 37 void mcu_irq(void) 38 { 39 printk(BIOS_DEBUG, "waiting for MCU msg...\n");
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...
To manage Coverity Scan email notifications for "coreboot@coreboot.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...