Hi,

Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.

2 new defect(s) introduced to coreboot found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s)

** CID 1395106: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /src/soc/intel/apollolake/chip.c: 681 in configure_xhci_host_mode_port0()

________________________________________________________________________________________________________ *** CID 1395106: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /src/soc/intel/apollolake/chip.c: 681 in configure_xhci_host_mode_port0() 675 676 printk(BIOS_INFO, "Putting xHCI port 0 into host mode.\n"); 677 res = find_resource(xhci_dev, PCI_BASE_ADDRESS_0); 678 cfg0 = (void *)(uintptr_t)(res->base + DUAL_ROLE_CFG0); 679 cfg1 = (void *)(uintptr_t)(res->base + DUAL_ROLE_CFG1); 680 reg = read32(cfg0);

...

...

CID 1395106:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
The expression "reg && 1 /* 1 << 21 */" is suspicious because it performs a Boolean operation on a constant other than 0 or 1.

681 if (!(reg && SW_IDPIN_EN_MASK)) 682 return; 683 684 reg &= ~(SW_IDPIN_MASK | SW_VBUS_VALID_MASK); 685 write32(cfg0, reg); 686

** CID 1395105: Insecure data handling (TAINTED_SCALAR)

________________________________________________________________________________________________________ *** CID 1395105: Insecure data handling (TAINTED_SCALAR) /src/lib/fit.c: 400 in fit_update_compat() 394 struct fdt_header *fdt_header = (struct fdt_header *)fdt_blob; 395 uint32_t fdt_offset = be32_to_cpu(fdt_header->structure_offset); 396 size_t i = 0; 397 398 if (!fdt_find_compat(fdt_blob, fdt_offset, &config->compat)) { 399 list_for_each(compat_node, compat_strings, list_node) {

...

...

CID 1395105:  Insecure data handling  (TAINTED_SCALAR)
Passing tainted variable "config->compat.size" to a tainted sink.

400 int pos = fit_check_compat(&config->compat, 401 compat_node->compat_string); 402 if (pos >= 0) { 403 config->compat_pos = pos; 404 config->compat_rank = i; 405 config->compat_string =

________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05...