Hi,
Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
3 new defect(s) introduced to coreboot found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s)
** CID 1490122: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/soc/intel/alderlake/systemagent.c: 305 in get_dpr_size()
________________________________________________________________________________________________________ *** CID 1490122: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/soc/intel/alderlake/systemagent.c: 305 in get_dpr_size() 299 } 300 uint64_t get_dpr_size(struct device *dev) 301 { 302 uint64_t size; 303 uint32_t dpr_reg = pci_read_config32(dev, DPR_REG); 304 uint32_t size_field = (dpr_reg & MASK_DPR_LENGTH) >> MASK_DPR_LENGTH_LSB;
CID 1490122: Integer handling issues (OVERFLOW_BEFORE_WIDEN) Potentially overflowing expression "size_field * 1048576U" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
305 size = size_field * MiB; 306 return size;
** CID 1490121: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/soc/intel/alderlake/systemagent.c: 254 in get_dsm_size()
________________________________________________________________________________________________________ *** CID 1490121: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/soc/intel/alderlake/systemagent.c: 254 in get_dsm_size() 248 uint32_t reg32 = pci_read_config32(dev, GGC); 249 uint64_t size; 250 uint32_t size_field = (reg32 & MASK_DSM_LENGTH) >> MASK_DSM_LENGTH_LSB; 251 if (size_field <= 0x10) { // 0x0 - 0x10 252 size = size_field * 32 * MiB; 253 } else if ((size_field >= 0xF0) && (size_field >= 0xFE)) {
CID 1490121: Integer handling issues (OVERFLOW_BEFORE_WIDEN) Potentially overflowing expression "(size_field - 239U) * 4U * 1048576U" with type "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, and then used in a context that expects an expression of type "uint64_t" (64 bits, unsigned).
254 size = (size_field - 0xEF) * 4 * MiB; 255 } else { 256 switch (size_field) { 257 case 0x20: 258 size = 1 * GiB; 259 break;
** CID 1490120: Resource leaks (RESOURCE_LEAK) /payloads/libpayload/tests/libcbfs/cbfs-verification-test.c: 217 in test_cbfs_map_valid_hash_impl()
________________________________________________________________________________________________________ *** CID 1490120: Resource leaks (RESOURCE_LEAK) /payloads/libpayload/tests/libcbfs/cbfs-verification-test.c: 217 in test_cbfs_map_valid_hash_impl() 211 mapping = cbfs_map(TEST_DATA_1_FILENAME, &size); 212 assert_non_null(mapping); 213 assert_int_equal(TEST_DATA_1_SIZE, size); 214 assert_memory_equal(test_data_1, mapping, size); 215 cbfs_unmap(mapping); 216 }
CID 1490120: Resource leaks (RESOURCE_LEAK) Variable "mapping" going out of scope leaks the storage it points to.
217 } 218 219 static void test_cbfs_map_valid_hash(void **state) 220 { 221 test_cbfs_map_valid_hash_impl(state, false); 222 }
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0...