Hi,
Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
55 new defect(s) introduced to coreboot found with Coverity Scan. 4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 20 of 55 defect(s)
** CID 1531473: Error handling issues (CHECKED_RETURN) /src/vendorcode/amd/opensil/genoa_poc/opensil/xUSL/CCX/Common/AmdTable.c: 135 in SetSmnTableEntry()
________________________________________________________________________________________________________ *** CID 1531473: Error handling issues (CHECKED_RETURN) /src/vendorcode/amd/opensil/genoa_poc/opensil/xUSL/CCX/Common/AmdTable.c: 135 in SetSmnTableEntry() 129 130 Status = SilGetIp2IpApi (SilId_SmuClass, (void **)&SmuApi); 131 if (Status != SilPass) { 132 XUSL_TRACEPOINT (SIL_TRACE_ERROR, "SMU API not found!\n"); 133 return Status; 134 }
CID 1531473: Error handling issues (CHECKED_RETURN) Calling "SilGetIp2IpApi" without checking return value (as is done elsewhere 28 out of 29 times).
135 SilGetIp2IpApi (SilId_DfClass, (void**) &DfApi); 136 if (Status != SilPass) { 137 XUSL_TRACEPOINT (SIL_TRACE_ERROR, "DF API not found!\n"); 138 return Status; 139 } 140
** CID 1531471: Control flow issues (DEADCODE) /src/vendorcode/amd/opensil/genoa_poc/opensil/xUSL/FCH/Common/FchCore/FchHwAcpi/FchHwAcpi.c: 315 in ProgramCpuRstBTmr()
________________________________________________________________________________________________________ *** CID 1531471: Control flow issues (DEADCODE) /src/vendorcode/amd/opensil/genoa_poc/opensil/xUSL/FCH/Common/FchCore/FchHwAcpi/FchHwAcpi.c: 315 in ProgramCpuRstBTmr() 309 uint32_t RegEbx; 310 uint8_t PkgType; 311 312 RegEbx = 0; 313 PkgType = (uint8_t) (RegEbx >> 28); 314 if (PkgType == 0x4) {
CID 1531471: Control flow issues (DEADCODE) Execution cannot reach this statement: "xUSLMemReadModifyWrite8((vo...".
315 xUSLMemReadModifyWrite8((void *)(size_t)(ACPI_MMIO_BASE + PMIO_BASE + FCH_PMIOA_REG20 + 2), 0, 0xFF); 316 xUSLMemReadModifyWrite8((void *)(size_t)(ACPI_MMIO_BASE + PMIO_BASE + FCH_PMIOA_REG20 + 3), 0xF8, 0x07); 317 } 318 } 319 320 static void FchInitEnableWdt (FCHCLASS_INPUT_BLK *FchDataPtr)
** CID 1531470: Audit impact security (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/alecthomas/kong/options.go: 379 in github.com/alecthomas/kong.Configuration.anonymous%0(*github.com/alecthomas/kong.Kong)error()
________________________________________________________________________________________________________ *** CID 1531470: Audit impact security (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/alecthomas/kong/options.go: 379 in github.com/alecthomas/kong.Configuration.anonymous%0(*github.com/alecthomas/kong.Kong)error() 373 if os.IsNotExist(err) || os.IsPermission(err) { 374 continue 375 } 376 377 return err 378 }
CID 1531470: Audit impact security (SUPPRESSED_ERROR) The error returned by the function "f.Close()" is not explicitly checked.
379 f.Close() 380 381 resolver, err := k.LoadConfig(path) 382 if err != nil { 383 return errors.Wrap(err, path) 384 }
** CID 1531469: Audit impact security (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 1121 in github.com/fxamacker/cbor/v2.encodeTime(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error()
________________________________________________________________________________________________________ *** CID 1531469: Audit impact security (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 1121 in github.com/fxamacker/cbor/v2.encodeTime(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 1115 return encode(e, em, v.Elem()) 1116 } 1117 1118 func encodeTime(e *encoderBuffer, em *encMode, v reflect.Value) error { 1119 t := v.Interface().(time.Time) 1120 if t.IsZero() {
CID 1531469: Audit impact security (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(cborNil)" is not explicitly checked.
1121 e.Write(cborNil) // Even if tag is required, encode as CBOR null. 1122 return nil 1123 } 1124 if em.timeTag == EncTagRequired { 1125 tagNumber := 1 1126 if em.time == TimeRFC3339 || em.time == TimeRFC3339Nano {
** CID 1531468: (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 795 in github.com/fxamacker/cbor/v2.encodeByteString(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 791 in github.com/fxamacker/cbor/v2.encodeByteString(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 804 in github.com/fxamacker/cbor/v2.encodeByteString(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 808 in github.com/fxamacker/cbor/v2.encodeByteString(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error()
________________________________________________________________________________________________________ *** CID 1531468: (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 795 in github.com/fxamacker/cbor/v2.encodeByteString(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 789 vk := v.Kind() 790 if vk == reflect.Slice && v.IsNil() { 791 e.Write(cborNil) 792 return nil 793 } 794 if b := em.encTagBytes(v.Type()); b != nil {
CID 1531468: (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(b)" is not explicitly checked.
795 e.Write(b) 796 } 797 slen := v.Len() 798 if slen == 0 { 799 return e.WriteByte(byte(cborTypeByteString)) 800 } /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 791 in github.com/fxamacker/cbor/v2.encodeByteString(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 785 return nil 786 } 787 788 func encodeByteString(e *encoderBuffer, em *encMode, v reflect.Value) error { 789 vk := v.Kind() 790 if vk == reflect.Slice && v.IsNil() {
CID 1531468: (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(cborNil)" is not explicitly checked.
791 e.Write(cborNil) 792 return nil 793 } 794 if b := em.encTagBytes(v.Type()); b != nil { 795 e.Write(b) 796 } /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 804 in github.com/fxamacker/cbor/v2.encodeByteString(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 798 if slen == 0 { 799 return e.WriteByte(byte(cborTypeByteString)) 800 } 801 encodeHead(e, byte(cborTypeByteString), uint64(slen)) 802 if vk == reflect.Array { 803 for i := 0; i < slen; i++ {
CID 1531468: (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.WriteByte((uint8)v.Index(i).Uint())" is not explicitly checked.
804 e.WriteByte(byte(v.Index(i).Uint())) 805 } 806 return nil 807 } 808 e.Write(v.Bytes()) 809 return nil /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 808 in github.com/fxamacker/cbor/v2.encodeByteString(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 802 if vk == reflect.Array { 803 for i := 0; i < slen; i++ { 804 e.WriteByte(byte(v.Index(i).Uint())) 805 } 806 return nil 807 }
CID 1531468: (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(v.Bytes())" is not explicitly checked.
808 e.Write(v.Bytes()) 809 return nil 810 } 811 812 func encodeString(e *encoderBuffer, em *encMode, v reflect.Value) error { 813 if b := em.encTagBytes(v.Type()); b != nil {
** CID 1531467: (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 828 in github.com/fxamacker/cbor/v2.arrayEncodeFunc.encode(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 832 in github.com/fxamacker/cbor/v2.arrayEncodeFunc.encode(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error()
________________________________________________________________________________________________________ *** CID 1531467: (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 828 in github.com/fxamacker/cbor/v2.arrayEncodeFunc.encode(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 822 type arrayEncodeFunc struct { 823 f encodeFunc 824 } 825 826 func (ae arrayEncodeFunc) encode(e *encoderBuffer, em *encMode, v reflect.Value) error { 827 if v.Kind() == reflect.Slice && v.IsNil() {
CID 1531467: (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(cborNil)" is not explicitly checked.
828 e.Write(cborNil) 829 return nil 830 } 831 if b := em.encTagBytes(v.Type()); b != nil { 832 e.Write(b) 833 } /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 832 in github.com/fxamacker/cbor/v2.arrayEncodeFunc.encode(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 826 func (ae arrayEncodeFunc) encode(e *encoderBuffer, em *encMode, v reflect.Value) error { 827 if v.Kind() == reflect.Slice && v.IsNil() { 828 e.Write(cborNil) 829 return nil 830 } 831 if b := em.encTagBytes(v.Type()); b != nil {
CID 1531467: (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(b)" is not explicitly checked.
832 e.Write(b) 833 } 834 alen := v.Len() 835 if alen == 0 { 836 return e.WriteByte(byte(cborTypeArray)) 837 }
** CID 1531466: Control flow issues (MISSING_BREAK) /src/vendorcode/wuffs/wuffs-v0.4.c: 43118 in wuffs_jpeg__decoder__decode_sof()
________________________________________________________________________________________________________ *** CID 1531466: Control flow issues (MISSING_BREAK) /src/vendorcode/wuffs/wuffs-v0.4.c: 43118 in wuffs_jpeg__decoder__decode_sof() 43112 } 43113 if (self->private_impl.f_height == 0u) { 43114 status = wuffs_base__make_status(wuffs_jpeg__error__unsupported_implicit_height); 43115 goto exit; 43116 } 43117 {
CID 1531466: Control flow issues (MISSING_BREAK) The case for value "4U" is not terminated by a "break" statement.
43118 WUFFS_BASE__COROUTINE_SUSPENSION_POINT(4); 43119 uint32_t t_2; 43120 if (WUFFS_BASE__LIKELY(io2_a_src - iop_a_src >= 2)) { 43121 t_2 = ((uint32_t)(wuffs_base__peek_u16be__no_bounds_check(iop_a_src))); 43122 iop_a_src += 2; 43123 } else {
** CID 1531465: Incorrect expression (NO_EFFECT) /src/vendorcode/wuffs/wuffs-v0.4.c: 42580 in wuffs_jpeg__decoder__do_decode_image_config()
________________________________________________________________________________________________________ *** CID 1531465: Incorrect expression (NO_EFFECT) /src/vendorcode/wuffs/wuffs-v0.4.c: 42580 in wuffs_jpeg__decoder__do_decode_image_config() 42574 status = wuffs_base__make_status(wuffs_base__suspension__short_read); 42575 goto suspend; 42576 } 42577 iop_a_src += self->private_data.s_do_decode_image_config[0].scratch; 42578 self->private_impl.f_payload_length = 0u; 42579 }
CID 1531465: Incorrect expression (NO_EFFECT) Assigning "self->private_impl.choosy_decode_idct" to itself has no effect.
42580 self->private_impl.choosy_decode_idct = ( 42581 #if defined(WUFFS_BASE__CPU_ARCH__X86_64) 42582 wuffs_base__cpu_arch__have_x86_avx2() ? &wuffs_jpeg__decoder__decode_idct_x86_avx2 : 42583 #endif 42584 self->private_impl.choosy_decode_idct); 42585 self->private_impl.f_frame_config_io_position = wuffs_base__u64__sat_add((a_src ? a_src->meta.pos : 0), ((uint64_t)(iop_a_src - io0_a_src)));
** CID 1531464: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/vendorcode/wuffs/wuffs-v0.4.c: 19866 in wuffs_base__pixel_palette__closest_element()
________________________________________________________________________________________________________ *** CID 1531464: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/vendorcode/wuffs/wuffs-v0.4.c: 19866 in wuffs_base__pixel_palette__closest_element() 19860 // These deltas are conceptually int32_t (signed) but after squaring, 19861 // it's equivalent to work in uint32_t (unsigned). 19862 pb -= cb; 19863 pg -= cg; 19864 pr -= cr; 19865 pa -= ca;
CID 1531464: Integer handling issues (OVERFLOW_BEFORE_WIDEN) Potentially overflowing expression "pg * pg" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
19866 uint64_t score = ((uint64_t)(pb * pb)) + ((uint64_t)(pg * pg)) + 19867 ((uint64_t)(pr * pr)) + ((uint64_t)(pa * pa)); 19868 if (best_score > score) { 19869 best_score = score; 19870 best_index = i; 19871 }
** CID 1531463: Control flow issues (MISSING_BREAK) /src/vendorcode/wuffs/wuffs-v0.4.c: 42377 in wuffs_jpeg__decoder__do_decode_image_config()
________________________________________________________________________________________________________ *** CID 1531463: Control flow issues (MISSING_BREAK) /src/vendorcode/wuffs/wuffs-v0.4.c: 42377 in wuffs_jpeg__decoder__do_decode_image_config() 42371 42372 if (self->private_impl.f_call_sequence != 0u) { 42373 status = wuffs_base__make_status(wuffs_base__error__bad_call_sequence); 42374 goto exit; 42375 } 42376 {
CID 1531463: Control flow issues (MISSING_BREAK) The case for value "1U" is not terminated by a "break" statement.
42377 WUFFS_BASE__COROUTINE_SUSPENSION_POINT(1); 42378 if (WUFFS_BASE__UNLIKELY(iop_a_src == io2_a_src)) { 42379 status = wuffs_base__make_status(wuffs_base__suspension__short_read); 42380 goto suspend; 42381 } 42382 uint8_t t_0 = *iop_a_src++;
** CID 1531462: (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 316 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 301 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 267 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 275 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 218 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 291 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 305 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 217 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 285 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 261 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 270 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 308 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 205 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 282 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 219 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)()
________________________________________________________________________________________________________ *** CID 1531462: (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 316 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 310 keys := v.MapKeys() 311 if f.cs.SortKeys { 312 sortValues(keys, f.cs) 313 } 314 for i, key := range keys { 315 if i > 0 {
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(spaceBytes)" is not explicitly checked.
316 f.fs.Write(spaceBytes) 317 } 318 f.ignoreNextType = true 319 f.format(f.unpackValue(key)) 320 f.fs.Write(colonBytes) 321 f.ignoreNextType = true /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 301 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 295 // Do nothing. We should never get here since pointers have already 296 // been handled above. 297 298 case reflect.Map: 299 // nil maps should be indicated as different than empty maps 300 if v.IsNil() {
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(nilAngleBytes)" is not explicitly checked.
301 f.fs.Write(nilAngleBytes) 302 break 303 } 304 305 f.fs.Write(openMapBytes) 306 f.depth++ /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 267 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 261 f.fs.Write(nilAngleBytes) 262 break 263 } 264 fallthrough 265 266 case reflect.Array:
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(openBracketBytes)" is not explicitly checked.
267 f.fs.Write(openBracketBytes) 268 f.depth++ 269 if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) { 270 f.fs.Write(maxShortBytes) 271 } else { 272 numEntries := v.Len() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 275 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 269 if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) { 270 f.fs.Write(maxShortBytes) 271 } else { 272 numEntries := v.Len() 273 for i := 0; i < numEntries; i++ { 274 if i > 0 {
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(spaceBytes)" is not explicitly checked.
275 f.fs.Write(spaceBytes) 276 } 277 f.ignoreNextType = true 278 f.format(f.unpackValue(v.Index(i))) 279 } 280 } /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 218 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 212 return 213 } 214 215 // Print type information unless already handled elsewhere. 216 if !f.ignoreNextType && f.fs.Flag('#') { 217 f.fs.Write(openParenBytes)
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(([]byte)v.Type().String())" is not explicitly checked.
218 f.fs.Write([]byte(v.Type().String())) 219 f.fs.Write(closeParenBytes) 220 } 221 f.ignoreNextType = false 222 223 // Call Stringer/error interfaces if they exist and the handle methods /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 291 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 285 f.fs.Write([]byte(v.String())) 286 287 case reflect.Interface: 288 // The only time we should get here is for nil interfaces due to 289 // unpackValue calls. 290 if v.IsNil() {
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(nilAngleBytes)" is not explicitly checked.
291 f.fs.Write(nilAngleBytes) 292 } 293 294 case reflect.Ptr: 295 // Do nothing. We should never get here since pointers have already 296 // been handled above. /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 305 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 299 // nil maps should be indicated as different than empty maps 300 if v.IsNil() { 301 f.fs.Write(nilAngleBytes) 302 break 303 } 304
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(openMapBytes)" is not explicitly checked.
305 f.fs.Write(openMapBytes) 306 f.depth++ 307 if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) { 308 f.fs.Write(maxShortBytes) 309 } else { 310 keys := v.MapKeys() /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 217 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 211 f.formatPtr(v) 212 return 213 } 214 215 // Print type information unless already handled elsewhere. 216 if !f.ignoreNextType && f.fs.Flag('#') {
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(openParenBytes)" is not explicitly checked.
217 f.fs.Write(openParenBytes) 218 f.fs.Write([]byte(v.Type().String())) 219 f.fs.Write(closeParenBytes) 220 } 221 f.ignoreNextType = false 222 /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 285 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 279 } 280 } 281 f.depth-- 282 f.fs.Write(closeBracketBytes) 283 284 case reflect.String:
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(([]byte)v.String())" is not explicitly checked.
285 f.fs.Write([]byte(v.String())) 286 287 case reflect.Interface: 288 // The only time we should get here is for nil interfaces due to 289 // unpackValue calls. 290 if v.IsNil() { /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 261 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 255 256 case reflect.Complex128: 257 printComplex(f.fs, v.Complex(), 64) 258 259 case reflect.Slice: 260 if v.IsNil() {
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(nilAngleBytes)" is not explicitly checked.
261 f.fs.Write(nilAngleBytes) 262 break 263 } 264 fallthrough 265 266 case reflect.Array: /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 270 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 264 fallthrough 265 266 case reflect.Array: 267 f.fs.Write(openBracketBytes) 268 f.depth++ 269 if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) {
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(maxShortBytes)" is not explicitly checked.
270 f.fs.Write(maxShortBytes) 271 } else { 272 numEntries := v.Len() 273 for i := 0; i < numEntries; i++ { 274 if i > 0 { 275 f.fs.Write(spaceBytes) /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 308 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 302 break 303 } 304 305 f.fs.Write(openMapBytes) 306 f.depth++ 307 if (f.cs.MaxDepth != 0) && (f.depth > f.cs.MaxDepth) {
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(maxShortBytes)" is not explicitly checked.
308 f.fs.Write(maxShortBytes) 309 } else { 310 keys := v.MapKeys() 311 if f.cs.SortKeys { 312 sortValues(keys, f.cs) 313 } /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 205 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 199 // dealing with and formats it appropriately. It is a recursive function, 200 // however circular data structures are detected and handled properly. 201 func (f *formatState) format(v reflect.Value) { 202 // Handle invalid reflect values immediately. 203 kind := v.Kind() 204 if kind == reflect.Invalid {
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(invalidAngleBytes)" is not explicitly checked.
205 f.fs.Write(invalidAngleBytes) 206 return 207 } 208 209 // Handle pointers specially. 210 if kind == reflect.Ptr { /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 282 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 276 } 277 f.ignoreNextType = true 278 f.format(f.unpackValue(v.Index(i))) 279 } 280 } 281 f.depth--
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(closeBracketBytes)" is not explicitly checked.
282 f.fs.Write(closeBracketBytes) 283 284 case reflect.String: 285 f.fs.Write([]byte(v.String())) 286 287 case reflect.Interface: /util/goswid/vendor/github.com/davecgh/go-spew/spew/format.go: 219 in github.com/davecgh/go-spew/spew.formatState.format(reflect.Value)() 213 } 214 215 // Print type information unless already handled elsewhere. 216 if !f.ignoreNextType && f.fs.Flag('#') { 217 f.fs.Write(openParenBytes) 218 f.fs.Write([]byte(v.Type().String()))
CID 1531462: (SUPPRESSED_ERROR) The error returned by the function "f.fs.Write(closeParenBytes)" is not explicitly checked.
219 f.fs.Write(closeParenBytes) 220 } 221 f.ignoreNextType = false 222 223 // Call Stringer/error interfaces if they exist and the handle methods 224 // flag is enabled.
** CID 1531461: (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/alecthomas/kong/tag.go: 206 in github.com/alecthomas/kong.hydrateTag(*github.com/alecthomas/kong.Tag, reflect.Type)error() /util/goswid/vendor/github.com/alecthomas/kong/tag.go: 205 in github.com/alecthomas/kong.hydrateTag(*github.com/alecthomas/kong.Tag, reflect.Type)error()
________________________________________________________________________________________________________ *** CID 1531461: (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/alecthomas/kong/tag.go: 206 in github.com/alecthomas/kong.hydrateTag(*github.com/alecthomas/kong.Tag, reflect.Type)error() 200 if err != nil && t.Get("short") != "" { 201 return fmt.Errorf("invalid short flag name %q: %s", t.Get("short"), err) 202 } 203 t.Hidden = t.Has("hidden") 204 t.Format = t.Get("format") 205 t.Sep, _ = t.GetSep("sep", ',')
CID 1531461: (SUPPRESSED_ERROR) The error returned by the function "t.GetSep("mapsep", 59)" is not explicitly checked.
206 t.MapSep, _ = t.GetSep("mapsep", ';') 207 t.Group = t.Get("group") 208 for _, xor := range t.GetAll("xor") { 209 t.Xor = append(t.Xor, strings.FieldsFunc(xor, tagSplitFn)...) 210 } 211 t.Prefix = t.Get("prefix") /util/goswid/vendor/github.com/alecthomas/kong/tag.go: 205 in github.com/alecthomas/kong.hydrateTag(*github.com/alecthomas/kong.Tag, reflect.Type)error() 199 t.Short, err = t.GetRune("short") 200 if err != nil && t.Get("short") != "" { 201 return fmt.Errorf("invalid short flag name %q: %s", t.Get("short"), err) 202 } 203 t.Hidden = t.Has("hidden") 204 t.Format = t.Get("format")
CID 1531461: (SUPPRESSED_ERROR) The error returned by the function "t.GetSep("sep", 44)" is not explicitly checked.
205 t.Sep, _ = t.GetSep("sep", ',') 206 t.MapSep, _ = t.GetSep("mapsep", ';') 207 t.Group = t.Get("group") 208 for _, xor := range t.GetAll("xor") { 209 t.Xor = append(t.Xor, strings.FieldsFunc(xor, tagSplitFn)...) 210 }
** CID 1531460: Null pointer dereferences (FORWARD_NULL) /src/vendorcode/wuffs/wuffs-v0.4.c: 43686 in wuffs_jpeg__decoder__do_decode_frame()
________________________________________________________________________________________________________ *** CID 1531460: Null pointer dereferences (FORWARD_NULL) /src/vendorcode/wuffs/wuffs-v0.4.c: 43686 in wuffs_jpeg__decoder__do_decode_frame() 43680 { 43681 WUFFS_BASE__COROUTINE_SUSPENSION_POINT(2); 43682 if (WUFFS_BASE__UNLIKELY(iop_a_src == io2_a_src)) { 43683 status = wuffs_base__make_status(wuffs_base__suspension__short_read); 43684 goto suspend; 43685 }
CID 1531460: Null pointer dereferences (FORWARD_NULL) Incrementing null pointer "iop_a_src".
43686 uint8_t t_0 = *iop_a_src++; 43687 v_c = t_0; 43688 } 43689 if (v_c == 255u) { 43690 break; 43691 }
** CID 1531459: Audit impact security (SUPPRESSED_ERROR) /util/goswid/pkg/uswid/uswid.go: 342 in github.com/9elements/goswid/pkg/uswid.UswidSoftwareIdentity.ToCBOR(bool)([]byte, error)()
________________________________________________________________________________________________________ *** CID 1531459: Audit impact security (SUPPRESSED_ERROR) /util/goswid/pkg/uswid/uswid.go: 342 in github.com/9elements/goswid/pkg/uswid.UswidSoftwareIdentity.ToCBOR(bool)([]byte, error)() 336 var buf bytes.Buffer 337 zlibWriter := zlib.NewWriter(&buf) 338 _, err := zlibWriter.Write(cborBuf) 339 if err != nil { 340 return nil, fmt.Errorf("cannot zlib compress CBOR data: %w", err) 341 }
CID 1531459: Audit impact security (SUPPRESSED_ERROR) The error returned by the function "zlibWriter.Close()" is not explicitly checked.
342 zlibWriter.Close() 343 return buf.Bytes(), nil 344 } else { 345 return cborBuf, nil 346 }
** CID 1531458: (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 689 in github.com/fxamacker/cbor/v2.encodeFloat(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 657 in github.com/fxamacker/cbor/v2.encodeFloat(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 680 in github.com/fxamacker/cbor/v2.encodeFloat(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 642 in github.com/fxamacker/cbor/v2.encodeFloat(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error()
________________________________________________________________________________________________________ *** CID 1531458: (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 689 in github.com/fxamacker/cbor/v2.encodeFloat(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 683 } 684 685 // Encode float32 686 // Don't use encodeFloat32() because it cannot be inlined. 687 e.scratch[0] = byte(cborTypePrimitives) | byte(26) 688 binary.BigEndian.PutUint32(e.scratch[1:], math.Float32bits(f32))
CID 1531458: (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(e.scratch[nil:5:nil])" is not explicitly checked.
689 e.Write(e.scratch[:5]) 690 return nil 691 } 692 693 func encodeInf(e *encoderBuffer, em *encMode, v reflect.Value) error { 694 f64 := v.Float() /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 657 in github.com/fxamacker/cbor/v2.encodeFloat(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 651 fopt := em.shortestFloat 652 if v.Kind() == reflect.Float64 && (fopt == ShortestFloatNone || cannotFitFloat32(f64)) { 653 // Encode float64 654 // Don't use encodeFloat64() because it cannot be inlined. 655 e.scratch[0] = byte(cborTypePrimitives) | byte(27) 656 binary.BigEndian.PutUint64(e.scratch[1:], math.Float64bits(f64))
CID 1531458: (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(e.scratch[nil:9:nil])" is not explicitly checked.
657 e.Write(e.scratch[:9]) 658 return nil 659 } 660 661 f32 := float32(f64) 662 if fopt == ShortestFloat16 { /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 680 in github.com/fxamacker/cbor/v2.encodeFloat(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 674 } 675 if p == float16.PrecisionExact { 676 // Encode float16 677 // Don't use encodeFloat16() because it cannot be inlined. 678 e.scratch[0] = byte(cborTypePrimitives) | byte(25) 679 binary.BigEndian.PutUint16(e.scratch[1:], uint16(f16))
CID 1531458: (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(e.scratch[nil:3:nil])" is not explicitly checked.
680 e.Write(e.scratch[:3]) 681 return nil 682 } 683 } 684 685 // Encode float32 /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 642 in github.com/fxamacker/cbor/v2.encodeFloat(*github.com/fxamacker/cbor/v2.encoderBuffer, *github.com/fxamacker/cbor/v2.encMode, reflect.Value)error() 636 encodeHead(e, byte(cborTypePositiveInt), v.Uint()) 637 return nil 638 } 639 640 func encodeFloat(e *encoderBuffer, em *encMode, v reflect.Value) error { 641 if b := em.encTagBytes(v.Type()); b != nil {
CID 1531458: (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(b)" is not explicitly checked.
642 e.Write(b) 643 } 644 f64 := v.Float() 645 if math.IsNaN(f64) { 646 return encodeNaN(e, em, v) 647 }
** CID 1531457: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/vendorcode/wuffs/wuffs-v0.4.c: 3939 in wuffs_base__color_u32_argb_premul__as__color_u64_argb_nonpremul()
________________________________________________________________________________________________________ *** CID 1531457: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/vendorcode/wuffs/wuffs-v0.4.c: 3939 in wuffs_base__color_u32_argb_premul__as__color_u64_argb_nonpremul() 3933 uint64_t g16 = 0x101 * (0xFF & (c >> 8)); 3934 uint64_t b16 = 0x101 * (0xFF & (c >> 0)); 3935 return 0xFFFF000000000000u | (r16 << 32) | (g16 << 16) | (b16 << 0); 3936 } else if (a == 0) { 3937 return 0; 3938 }
CID 1531457: Integer handling issues (OVERFLOW_BEFORE_WIDEN) Potentially overflowing expression "a * 257U" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
3939 uint64_t a16 = a * 0x101; 3940 3941 uint64_t r = 0xFF & (c >> 16); 3942 uint64_t r16 = (r * (0x101 * 0xFFFF)) / a16; 3943 uint64_t g = 0xFF & (c >> 8); 3944 uint64_t g16 = (g * (0x101 * 0xFFFF)) / a16;
** CID 1531456: Audit impact security (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 777 in github.com/fxamacker/cbor/v2.encodeFloat32(*github.com/fxamacker/cbor/v2.encoderBuffer, float32)error()
________________________________________________________________________________________________________ *** CID 1531456: Audit impact security (SUPPRESSED_ERROR) /util/goswid/vendor/github.com/fxamacker/cbor/v2/encode.go: 777 in github.com/fxamacker/cbor/v2.encodeFloat32(*github.com/fxamacker/cbor/v2.encoderBuffer, float32)error() 771 return nil 772 } 773 774 func encodeFloat32(e *encoderBuffer, f32 float32) error { 775 e.scratch[0] = byte(cborTypePrimitives) | byte(26) 776 binary.BigEndian.PutUint32(e.scratch[1:], math.Float32bits(f32))
CID 1531456: Audit impact security (SUPPRESSED_ERROR) The error returned by the function "e.Buffer.Write(e.scratch[nil:5:nil])" is not explicitly checked.
777 e.Write(e.scratch[:5]) 778 return nil 779 } 780 781 func encodeFloat64(e *encoderBuffer, f64 float64) error { 782 e.scratch[0] = byte(cborTypePrimitives) | byte(27)
** CID 1531455: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/vendorcode/wuffs/wuffs-v0.4.c: 19866 in wuffs_base__pixel_palette__closest_element()
________________________________________________________________________________________________________ *** CID 1531455: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/vendorcode/wuffs/wuffs-v0.4.c: 19866 in wuffs_base__pixel_palette__closest_element() 19860 // These deltas are conceptually int32_t (signed) but after squaring, 19861 // it's equivalent to work in uint32_t (unsigned). 19862 pb -= cb; 19863 pg -= cg; 19864 pr -= cr; 19865 pa -= ca;
CID 1531455: Integer handling issues (OVERFLOW_BEFORE_WIDEN) Potentially overflowing expression "pb * pb" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
19866 uint64_t score = ((uint64_t)(pb * pb)) + ((uint64_t)(pg * pg)) + 19867 ((uint64_t)(pr * pr)) + ((uint64_t)(pa * pa)); 19868 if (best_score > score) { 19869 best_score = score; 19870 best_index = i; 19871 }
** CID 1531454: Audit impact security (UNSAFE_FUNCTIONALITY) /util/goswid/vendor/github.com/davecgh/go-spew/spew/bypass.go: 36 in ()
________________________________________________________________________________________________________ *** CID 1531454: Audit impact security (UNSAFE_FUNCTIONALITY) /util/goswid/vendor/github.com/davecgh/go-spew/spew/bypass.go: 36 in () 30 const ( 31 // UnsafeDisabled is a build-time constant which specifies whether or 32 // not access to the unsafe package is available. 33 UnsafeDisabled = false 34 35 // ptrSize is the size of a pointer on the current arch.
CID 1531454: Audit impact security (UNSAFE_FUNCTIONALITY) Using unsafe function Sizeof.
36 ptrSize = unsafe.Sizeof((*byte)(nil)) 37 ) 38 39 type flag uintptr 40 41 var (
** CID 1531453: Control flow issues (MISSING_BREAK) /src/vendorcode/wuffs/wuffs-v0.4.c: 42830 in wuffs_jpeg__decoder__decode_appn()
________________________________________________________________________________________________________ *** CID 1531453: Control flow issues (MISSING_BREAK) /src/vendorcode/wuffs/wuffs-v0.4.c: 42830 in wuffs_jpeg__decoder__decode_appn() 42824 iop_a_src = io1_a_src; 42825 io2_a_src = io0_a_src + a_src->meta.wi; 42826 } 42827 42828 uint32_t coro_susp_point = self->private_impl.p_decode_appn[0]; 42829 switch (coro_susp_point) {
CID 1531453: Control flow issues (MISSING_BREAK) The case for value "0U" is not terminated by a "break" statement.
42830 WUFFS_BASE__COROUTINE_SUSPENSION_POINT_0; 42831 42832 do { 42833 if (a_marker == 224u) { 42834 if (self->private_impl.f_payload_length >= 5u) { 42835 self->private_impl.f_payload_length -= 5u;
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0...