Hi,

Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.

3 new defect(s) introduced to coreboot found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s)

** CID 1533252: Memory - corruptions (OVERRUN)

________________________________________________________________________________________________________ *** CID 1533252: Memory - corruptions (OVERRUN) /src/soc/intel/xeon_sp/chip_common.c: 124 in attach_iio_stacks() 118 continue; 119 } 120 121 struct device_path path; 122 path.type = DEVICE_PATH_DOMAIN; 123 path.domain.domain = s * MAX_LOGIC_IIO_STACK + x;

...

...

CID 1533252:  Memory - corruptions  (OVERRUN)
Overrunning struct type device_path of 32 bytes by passing it to a function which accesses it at byte offset 39.

124 struct device *iio_domain = alloc_dev(dev->bus, &path); 125 if (iio_domain == NULL) 126 die("%s: out of memory.\n", __func__); 127 iio_domain->ops = &iio_pcie_domain_ops; 128 } 129 }

** CID 1533251: Memory - corruptions (OVERRUN)

________________________________________________________________________________________________________ *** CID 1533251: Memory - corruptions (OVERRUN) /src/soc/intel/xeon_sp/spr/ioat.c: 37 in create_ioat_domain() 31 struct device_path path = { 32 .type = DEVICE_PATH_DOMAIN, 33 .domain = { 34 .domain = domain_base + bus_base, 35 }, 36 };

...

...

CID 1533251:  Memory - corruptions  (OVERRUN)
Overrunning struct type device_path of 32 bytes by passing it to a function which accesses it at byte offset 39.

37 struct device *const domain = alloc_dev(upstream, &path); 38 if (!domain) 39 die("%s: out of memory.\n", __func__); 40 41 domain->ops = &ioat_domain_ops; 42

** CID 1533250: Insecure data handling (TAINTED_SCALAR) /src/soc/intel/xeon_sp/chip_common.c: 106 in attach_iio_stacks()

________________________________________________________________________________________________________ *** CID 1533250: Insecure data handling (TAINTED_SCALAR) /src/soc/intel/xeon_sp/chip_common.c: 106 in attach_iio_stacks() 100 void attach_iio_stacks(struct device *dev) 101 { 102 const IIO_UDS *hob = get_iio_uds(); 103 if (!hob) 104 return; 105

...

...

CID 1533250:  Insecure data handling  (TAINTED_SCALAR)
Using tainted variable "hob->PlatformData.numofIIO" as a loop boundary.

106 for (int s = 0; s < hob->PlatformData.numofIIO; ++s) { 107 for (int x = 0; x < MAX_LOGIC_IIO_STACK; ++x) { 108 if (s == 0 && x == 0) 109 continue; 110 111 const STACK_RES *ri = &hob->PlatformData.IIO_resource[s].StackRes[x];

________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0...