Hi,
Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
1 new defect(s) introduced to coreboot found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s)
** CID 1516782: (TAINTED_SCALAR)
________________________________________________________________________________________________________ *** CID 1516782: (TAINTED_SCALAR) /util/cbmem/cbmem.c: 1051 in dump_tpm_std_log() 1045 1046 tcg_spec_entry = event_log; 1047 if (!strcmp((const char *)tcg_spec_entry->signature, TCG_EFI_SPEC_ID_EVENT_SIGNATURE)) { 1048 if (tcg_spec_entry->spec_version_major == 2 && 1049 tcg_spec_entry->spec_version_minor == 0 && 1050 le32toh(tcg_spec_entry->event_type) == EV_NO_ACTION) {
CID 1516782: (TAINTED_SCALAR) Passing tainted expression "tcg_spec_entry->num_of_algorithms" to "parse_tpm2_log", which uses it as an offset.
1051 parse_tpm2_log(tcg_spec_entry); 1052 } else { 1053 fprintf(stderr, "Unknown TPM2 log specification.\n"); 1054 } 1055 unmap_memory(&log_mapping); 1056 return; /util/cbmem/cbmem.c: 1051 in dump_tpm_std_log() 1045 1046 tcg_spec_entry = event_log; 1047 if (!strcmp((const char *)tcg_spec_entry->signature, TCG_EFI_SPEC_ID_EVENT_SIGNATURE)) { 1048 if (tcg_spec_entry->spec_version_major == 2 && 1049 tcg_spec_entry->spec_version_minor == 0 && 1050 le32toh(tcg_spec_entry->event_type) == EV_NO_ACTION) {
CID 1516782: (TAINTED_SCALAR) Passing tainted expression "tcg_spec_entry->digest_sizes" to "parse_tpm2_log", which uses it as a loop boundary.
1051 parse_tpm2_log(tcg_spec_entry); 1052 } else { 1053 fprintf(stderr, "Unknown TPM2 log specification.\n"); 1054 } 1055 unmap_memory(&log_mapping); 1056 return; /util/cbmem/cbmem.c: 1038 in dump_tpm_std_log() 1032 tspec_entry = event_log; 1033 if (!strcmp((const char *)tspec_entry->signature, TCPA_SPEC_ID_EVENT_SIGNATURE)) { 1034 if (tspec_entry->spec_version_major == 1 && 1035 tspec_entry->spec_version_minor == 2 && 1036 tspec_entry->spec_errata >= 1 && 1037 le32toh(tspec_entry->entry.event_type) == EV_NO_ACTION) {
CID 1516782: (TAINTED_SCALAR) Passing tainted expression "tspec_entry->vendor_info_size" to "parse_tpm12_log", which uses it as an offset.
1038 parse_tpm12_log(tspec_entry); 1039 } else { 1040 fprintf(stderr, "Unknown TPM1.2 log specification\n"); 1041 } 1042 unmap_memory(&log_mapping); 1043 return; /util/cbmem/cbmem.c: 1038 in dump_tpm_std_log() 1032 tspec_entry = event_log; 1033 if (!strcmp((const char *)tspec_entry->signature, TCPA_SPEC_ID_EVENT_SIGNATURE)) { 1034 if (tspec_entry->spec_version_major == 1 && 1035 tspec_entry->spec_version_minor == 2 && 1036 tspec_entry->spec_errata >= 1 && 1037 le32toh(tspec_entry->entry.event_type) == EV_NO_ACTION) {
CID 1516782: (TAINTED_SCALAR) Passing tainted expression "tspec_entry->vendor_info" to "parse_tpm12_log", which uses it as a loop boundary.
1038 parse_tpm12_log(tspec_entry); 1039 } else { 1040 fprintf(stderr, "Unknown TPM1.2 log specification\n"); 1041 } 1042 unmap_memory(&log_mapping); 1043 return;
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0...