Hi,
Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
4 new defect(s) introduced to coreboot found with Coverity Scan. 2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 4 of 4 defect(s)
** CID 1446761: Control flow issues (DEADCODE) /src/lib/cbmem_common.c: 14 in cbmem_run_init_hooks()
________________________________________________________________________________________________________ *** CID 1446761: Control flow issues (DEADCODE) /src/lib/cbmem_common.c: 14 in cbmem_run_init_hooks() 8 cbmem_init_hook_t *init_hook_ptr = 9 (cbmem_init_hook_t *)&_cbmem_init_hooks; 10 cbmem_init_hook_t *einit_hook_ptr = 11 (cbmem_init_hook_t *)&_ecbmem_init_hooks; 12 13 if (REGION_SIZE(cbmem_init_hooks) == 0)
CID 1446761: Control flow issues (DEADCODE) Execution cannot reach this statement: "return;".
14 return; 15 16 while (init_hook_ptr != einit_hook_ptr) { 17 (*init_hook_ptr)(is_recovery); 18 init_hook_ptr++; 19 }
** CID 1446760: Resource leaks (RESOURCE_LEAK) /tests/lib/memset-test.c: 34 in setup_test()
________________________________________________________________________________________________________ *** CID 1446760: Resource leaks (RESOURCE_LEAK) /tests/lib/memset-test.c: 34 in setup_test() 28 29 return 0; 30 31 error: 32 free(buf); 33 free(helper_buf);
CID 1446760: Resource leaks (RESOURCE_LEAK) Variable "s" going out of scope leaks the storage it points to.
34 return -1; 35 } 36 37 static int teardown_test(void **state) 38 { 39 struct memset_test_state *s = *state;
** CID 1446759: Security best practices violations (STRING_OVERFLOW) /src/mainboard/prodrive/hermes/mainboard.c: 99 in update_board_layout()
________________________________________________________________________________________________________ *** CID 1446759: Security best practices violations (STRING_OVERFLOW) /src/mainboard/prodrive/hermes/mainboard.c: 99 in update_board_layout() 93 if (cpu->bus->dev->path.type != DEVICE_PATH_CPU_CLUSTER) 94 continue; 95 if (!cpu->enabled) 96 continue; 97 layout.cpu_count++; 98 if (!layout.cpu_name[0])
CID 1446759: Security best practices violations (STRING_OVERFLOW) You might overrun the 50-character fixed-size string "layout.cpu_name" by copying "cpu->name" without checking the length.
99 strcpy(layout.cpu_name, cpu->name); 100 } 101 102 if (cpuid_get_max_func() >= 0x16) 103 layout.cpu_max_non_turbo_frequency = cpuid_eax(0x16); 104
** CID 1446758: Memory - illegal accesses (NO_EFFECT) /tests/lib/memset-test.c: 88 in test_memset_zero_size()
________________________________________________________________________________________________________ *** CID 1446758: Memory - illegal accesses (NO_EFFECT) /tests/lib/memset-test.c: 88 in test_memset_zero_size() 82 for (int i = 0; i < MEMSET_BUFFER_SZ; ++i) { 83 s->base_buffer[i] = 0xFF; 84 s->helper_buffer[i] = 0xFF; 85 } 86 87 /* Expect no change in buffer after calling memset with zero size */
CID 1446758: Memory - illegal accesses (NO_EFFECT) Calling "memset" with size 0: "memset(s->base_buffer, 170, 0UL)" does nothing.
88 memset(s->base_buffer, 0xAA, 0); 89 assert_memory_equal(s->base_buffer, s->helper_buffer, MEMSET_BUFFER_SZ); 90 } 91 92 static void test_memset_one_byte(void **state) 93 {
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0...
-
scan-admin@coverity.com