Hi,
Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
156 new defect(s) introduced to coreboot found with Coverity Scan. 3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 156 defect(s)
** CID 1434841: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /3rdparty/stm/Stm/StmPkg/Core/StmResource.c: 351 in IsResourceNodeValid()
________________________________________________________________________________________________________ *** CID 1434841: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /3rdparty/stm/Stm/StmPkg/Core/StmResource.c: 351 in IsResourceNodeValid() 345 } 346 break; 347 case MMIO_RANGE: 348 if (ResourceNode->Header.Length != sizeof(STM_RSC_MMIO_DESC)) { 349 goto CheckFail; 350 }
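CID 1434841: Integer handling issues (CONSTANT_EXPRESSION_RESULT) "ResourceNode->Mmio.RWXAttributes & -8 /* ~((1 | 2) | 4) */" is always 0 regardless of the values of its operands. This occurs as a value. [Note: because the masked value is always 0, the "!= 0" comparison on line 351 can never be true, so this RWXAttributes check never reaches CheckFail. The field's declared width is not shown in this excerpt; it is presumably too narrow to hold any bit outside the R/W/X mask.]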
351 if ((ResourceNode->Mmio.RWXAttributes & ~(STM_RSC_MMIO_R | STM_RSC_MMIO_W | STM_RSC_MMIO_X)) != 0) { 352 goto CheckFail; 353 } 354 if (ResourceNode->Mmio.Reserved != 0) { 355 goto CheckFail; 356 }
** CID 1434840: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434840: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/SmmVmcallHandler.c: 435 in SmmVmcallHandler() 429 if (StmVmcallHandler == NULL) { 430 DEBUG((EFI_D_INFO, "%ld SmmVmcallHandler - GetSmmVmcallHandlerByIndex - %x!\n", Index, (UINTN)ReadUnaligned32 ((UINT32 *)&Reg->Rax))); 431 // Should not happen 432 CpuDeadLoop (); 433 Status = ERROR_INVALID_API; 434 } else {
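CID 1434840: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rbx" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness. [Note: the flagged cast is on line 435 below, where 32 bits read from Rbx and 32 bits read from Rcx are combined into the 64-bit AddressParameter. Reading the first four bytes of a 64-bit object yields its low 32 bits only on a little-endian target; whether that platform assumption is intended should be confirmed when triaging.]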
435 AddressParameter = ReadUnaligned32 ((UINT32 *)&Reg->Rbx) + LShiftU64 (ReadUnaligned32 ((UINT32 *)&Reg->Rcx), 32); 436 Status = StmVmcallHandler (Index, AddressParameter); 437 } 438 439 WriteUnaligned32 ((UINT32 *)&Reg->Rax, Status); 440 if (Status == STM_SUCCESS) {
** CID 1434839: (UNUSED_VALUE) /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeLoadVm.c: 569 in PostPeVmProc() /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeLoadVm.c: 573 in PostPeVmProc()
________________________________________________________________________________________________________ *** CID 1434839: (UNUSED_VALUE) /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeLoadVm.c: 569 in PostPeVmProc() 563 if (mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Launched) { 564 Rflags = AsmVmResume (&mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Register); 565 // BUGBUG: - AsmVmLaunch if AsmVmResume fail 566 if (VmRead32 (VMCS_32_RO_VM_INSTRUCTION_ERROR_INDEX) == 567 VmxFailErrorVmResumeWithNonLaunchedVmcs) { 568 DEBUG ((EFI_D_ERROR, "%ld :-(\n", (UINTN)CpuIndex));
CID 1434839: (UNUSED_VALUE) Assigning value from "AsmVmLaunch(&mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Register)" to "Rflags" here, but that stored value is overwritten before it can be used.
569 Rflags = AsmVmLaunch (&mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Register); 570 } 571 } else { 572 mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Launched = TRUE; 573 Rflags = AsmVmLaunch (&mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Register); 574 DEBUG ((EFI_D_ERROR, "PostPeVmProc - somehow we did not launch\n")); /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeLoadVm.c: 573 in PostPeVmProc() 567 VmxFailErrorVmResumeWithNonLaunchedVmcs) { 568 DEBUG ((EFI_D_ERROR, "%ld :-(\n", (UINTN)CpuIndex)); 569 Rflags = AsmVmLaunch (&mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Register); 570 } 571 } else { 572 mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Launched = TRUE;
CID 1434839: (UNUSED_VALUE) Assigning value from "AsmVmLaunch(&mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Register)" to "Rflags" here, but that stored value is overwritten before it can be used.
573 Rflags = AsmVmLaunch (&mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Register); 574 DEBUG ((EFI_D_ERROR, "PostPeVmProc - somehow we did not launch\n")); 575 mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Launched = FALSE; 576 } 577 DEBUG ((EFI_D_ERROR, "%ld PostPeVmProc - Problem in SMI during VM/PE\n", CpuIndex)); 578 }
** CID 1434838: Null pointer dereferences (FORWARD_NULL) /3rdparty/stm/Stm/StmPkg/Core/Init/StmInit.c: 759 in BspInit()
________________________________________________________________________________________________________ *** CID 1434838: Null pointer dereferences (FORWARD_NULL) /3rdparty/stm/Stm/StmPkg/Core/Init/StmInit.c: 759 in BspInit() 753 Rsdp = FindAcpiRsdPtr (); 754 DEBUG ((EFI_D_INFO, "Rsdp - %08x\n", Rsdp)); 755 if (Rsdp == NULL) { 756 DEBUG ((EFI_D_INFO, "Null Rsdp - Can not continue\n", Rsdp)); 757 CpuDeadLoop (); 758 }
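CID 1434838: Null pointer dereferences (FORWARD_NULL) Dereferencing null pointer "Rsdp". [Note: the NULL check on line 755 only logs and calls CpuDeadLoop (); the branch has no return or other exit, so the analyzer follows the path that falls through to the dereference on line 759. Whether CpuDeadLoop () can return is not visible in this excerpt.]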
759 Rsdt = (EFI_ACPI_DESCRIPTION_HEADER *)(UINTN)Rsdp->RsdtAddress; 760 DEBUG ((EFI_D_INFO, "Rsdt - %08x\n", Rsdt)); 761 DEBUG ((EFI_D_INFO, "RsdtLen - %08x\n", Rsdt->Length)); 762 if ((Rsdp->Revision >= 2) && (Rsdp->XsdtAddress < (UINT64)(UINTN)-1)) { 763 Xsdt = (EFI_ACPI_DESCRIPTION_HEADER *)(UINTN)Rsdp->XsdtAddress; 764 DEBUG ((EFI_D_INFO, "Xsdt - %016lx\n", Xsdt));
** CID 1434837: (SIZEOF_MISMATCH) /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeLoadVm.c: 227 in LaunchPeVm() /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeLoadVm.c: 219 in LaunchPeVm()
________________________________________________________________________________________________________ *** CID 1434837: (SIZEOF_MISMATCH) /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeLoadVm.c: 227 in LaunchPeVm() 221 222 DEBUG((EFI_D_INFO, 223 "%ld LaunchPeVM - Initiating PE/VM run number: %d\n", 224 CpuIndex, 225 PeVmData[PeType].UserModule.RunCount)); 226
CID 1434837: (SIZEOF_MISMATCH) Adding "8UL /* sizeof (UINT64) */" to pointer "PeVmData[PeType].SharedPageStm" of type "UINTN *" is suspicious because adding an integral value to this pointer automatically scales that value by the size, 8 bytes, of the pointed-to type, "UINTN". Most likely, "sizeof (UINT64)" is extraneous and should be replaced with 1.
227 DEBUG((EFI_D_INFO, 228 "%ld LaunchPeVM - SharedPageStm 0x%016llx 0x%016llx\n", 229 CpuIndex, 230 *((UINT64 *)(PeVmData[PeType].SharedPageStm)), 231 *((UINT64 *)(PeVmData[PeType].SharedPageStm + sizeof(UINT64))))); 232 /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeLoadVm.c: 219 in LaunchPeVm() 213 mGuestContextCommonSmm[PeType].GuestContextPerCpu[0].Register.Rcx, 214 mGuestContextCommonSmm[PeType].GuestContextPerCpu[0].Register.Rdx)); 215 216 PeVmData[PeType].UserModule.RunCount++; 217 // set the runcount into the STM shared page 218
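CID 1434837: (SIZEOF_MISMATCH) Adding "8UL /* sizeof (UINT64) */" to pointer "PeVmData[PeType].SharedPageStm" of type "UINTN *" is suspicious because adding an integral value to this pointer automatically scales that value by the size, 8 bytes, of the pointed-to type, "UINTN". Most likely, "sizeof (UINT64)" is extraneous and should be replaced with 1. [Note: this instance is the destination of the RunCount store on line 219. With the scaling described in this message, the store lands 8 * 8 = 64 bytes past SharedPageStm rather than 8 bytes past it.]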
219 *((UINT64 *)(PeVmData[PeType].SharedPageStm + sizeof(UINT64))) = 220 PeVmData[PeType].UserModule.RunCount; 221 222 DEBUG((EFI_D_INFO, 223 "%ld LaunchPeVM - Initiating PE/VM run number: %d\n", 224 CpuIndex,
** CID 1434836: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434836: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/SmiVmcallHandler.c: 1010 in SmiVmcallHandler() 1004 DEBUG ((EFI_D_ERROR, 1005 "%ld SmiVmcallHandler - GetSmiVmcallHandlerByIndex- Invalid API entry - %x!\n", 1006 Index, 1007 (UINTN)ReadUnaligned32 ((UINT32 *)&Reg->Rax))); 1008 Status = ERROR_INVALID_API; 1009 } else {
CID 1434836: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rcx" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
1010 AddressParameter = ReadUnaligned32 ((UINT32 *)&Reg->Rbx) + LShiftU64 (ReadUnaligned32 ((UINT32 *)&Reg->Rcx), 32); 1011 1012 Status = StmVmcallHandler (Index, AddressParameter); 1013 } 1014 1015 if (Status == STM_SUCCESS) {
** CID 1434835: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434835: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/SmmMsrHandler.c: 41 in SmmReadMsrHandler() 35 STM_SMM_CPU_STATE *SmmCpuState; 36 UINT32 VmType = SMI_HANDLER; 37 BOOLEAN Result; 38 39 SmmCpuState = mGuestContextCommonSmi.GuestContextPerCpu[Index].SmmCpuState; 40 Reg = &mGuestContextCommonSmm[VmType].GuestContextPerCpu[Index].Register;
CID 1434835: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rcx" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
41 MsrIndex = ReadUnaligned32 ((UINT32 *)&Reg->Rcx); 42 43 MsrDesc = GetStmResourceMsr (mHostContextCommon.MleProtectedResource.Base, MsrIndex); 44 if ((MsrDesc != NULL) && (MsrDesc->ReadMask != 0)) { 45 DEBUG ((EFI_D_ERROR, "RDMSR (%x) violation!\n", MsrIndex)); 46 AddEventLogForResource (EvtHandledProtectionException, (STM_RSC *)MsrDesc);
** CID 1434834: Incorrect expression (ASSERT_SIDE_EFFECT) /3rdparty/stm/Stm/StmPkg/Library/SimpleSynchronizationLib/SynchronizationGcc.c: 143 in AcquireSpinLockOrFail()
________________________________________________________________________________________________________ *** CID 1434834: Incorrect expression (ASSERT_SIDE_EFFECT) /3rdparty/stm/Stm/StmPkg/Library/SimpleSynchronizationLib/SynchronizationGcc.c: 143 in AcquireSpinLockOrFail() 137 SPIN_LOCK LockValue; 138 VOID *Result; 139 140 ASSERT (SpinLock != NULL); 141 142 LockValue = *SpinLock;
CID 1434834: Incorrect expression (ASSERT_SIDE_EFFECT) Argument "LockValue" of ASSERT() has a side effect because the variable is volatile. The containing function might work differently in a non-debug build.
143 ASSERT (LockValue == SPIN_LOCK_ACQUIRED || LockValue == SPIN_LOCK_RELEASED); 144 145 _ReadWriteBarrier (); 146 Result = InterlockedCompareExchangePointer ( 147 (VOID**)SpinLock, 148 (VOID*)SPIN_LOCK_RELEASED,
** CID 1434833: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434833: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Init/StmInit.c: 1087 in CommonInit() 1081 AsmWriteCr4 (AsmReadCr4 () | CR4_OSFXSR | CR4_OSXMMEXCPT); 1082 if (IsXStateSupoprted()) { 1083 AsmWriteCr4 (AsmReadCr4 () | CR4_OSXSAVE); 1084 } 1085 1086 VmxMisc.Uint64 = AsmReadMsr64 (IA32_VMX_MISC_MSR_INDEX);
CID 1434833: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&mGuestContextCommonSmi.GuestContextPerCpu[Index].Register.Rdx" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
1087 RegEdx = ReadUnaligned32 ((UINT32 *)&mGuestContextCommonSmi.GuestContextPerCpu[Index].Register.Rdx); 1088 if ((RegEdx & STM_CONFIG_SMI_UNBLOCKING_BY_VMX_OFF) != 0) { 1089 if (VmxMisc.Bits.VmxOffUnblockSmiSupport != 0) { 1090 AsmWriteMsr64 (IA32_SMM_MONITOR_CTL_MSR_INDEX, AsmReadMsr64(IA32_SMM_MONITOR_CTL_MSR_INDEX) | IA32_SMM_MONITOR_SMI_UNBLOCKING_BY_VMX_OFF); 1091 } 1092 }
** CID 1434832: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434832: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeSmmMsrHandler.c: 111 in PeWriteMsrHandler() 105 106 SmmCpuState = mGuestContextCommonSmi.GuestContextPerCpu[Index].SmmCpuState; 107 108 Reg = &mGuestContextCommonSmm[VmType].GuestContextPerCpu[Index].Register; 109 MsrIndex = ReadUnaligned32 ((UINT32 *)&Reg->Rcx); 110
CID 1434832: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rdx" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
111 Data64 = LShiftU64 ((UINT64)ReadUnaligned32 ((UINT32 *)&Reg->Rdx), 32) | (UINT64)ReadUnaligned32 ((UINT32 *)&Reg->Rax); 112 DEBUG ((EFI_D_INFO, "%ld PeWriteMsrHandler - 0x%llx 0x%llx\n", CpuIndex, MsrIndex, Data64)); 113 114 switch (MsrIndex) { 115 case IA32_EFER_MSR_INDEX: 116 #if 0
** CID 1434831: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434831: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/SmmVmcallHandler.c: 435 in SmmVmcallHandler() 429 if (StmVmcallHandler == NULL) { 430 DEBUG((EFI_D_INFO, "%ld SmmVmcallHandler - GetSmmVmcallHandlerByIndex - %x!\n", Index, (UINTN)ReadUnaligned32 ((UINT32 *)&Reg->Rax))); 431 // Should not happen 432 CpuDeadLoop (); 433 Status = ERROR_INVALID_API; 434 } else {
CID 1434831: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rcx" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
435 AddressParameter = ReadUnaligned32 ((UINT32 *)&Reg->Rbx) + LShiftU64 (ReadUnaligned32 ((UINT32 *)&Reg->Rcx), 32); 436 Status = StmVmcallHandler (Index, AddressParameter); 437 } 438 439 WriteUnaligned32 ((UINT32 *)&Reg->Rax, Status); 440 if (Status == STM_SUCCESS) {
** CID 1434830: (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434830: (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Init/StmInit.c: 1237 in LaunchBack() 1231 1232 if(!IsResourceListValid ((STM_RSC *)(UINTN)mHostContextCommon.HostContextPerCpu[Index].TxtProcessorSmmDescriptor->BiosHwResourceRequirementsPtr, FALSE)) { 1233 DEBUG ((EFI_D_INFO, "%ld LaunchBack - ValidateBiosResourceList fail!\n", Index)); 1234 WriteUnaligned32 ((UINT32 *)&Reg->Rax, ERROR_STM_MALFORMED_RESOURCE_LIST); 1235 VmWriteN (VMCS_N_GUEST_RFLAGS_INDEX, VmReadN(VMCS_N_GUEST_RFLAGS_INDEX) | RFLAGS_CF); 1236 } else {
CID 1434830: (INCOMPATIBLE_CAST) Pointer "&Reg->Rax" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
1237 WriteUnaligned32 ((UINT32 *)&Reg->Rax, STM_SUCCESS); 1238 VmWriteN (VMCS_N_GUEST_RFLAGS_INDEX, VmReadN(VMCS_N_GUEST_RFLAGS_INDEX) & ~RFLAGS_CF); 1239 } 1240 WriteUnaligned32 ((UINT32 *)&Reg->Rbx, 0); // Not support STM_RSC_BGM or STM_RSC_BGI or STM_RSC_MSR 1241 1242 DEBUG ((EFI_D_INFO, "%ld !!!LaunchBack!!!\n", (UINTN)Index)); /3rdparty/stm/Stm/StmPkg/Core/Init/StmInit.c: 1226 in LaunchBack() 1220 // 1221 if ((Index == 0) && (ReadUnaligned32 ((UINT32 *)&Reg->Rax) == STM_API_INITIALIZE_PROTECTION)) { 1222 DEBUG ((EFI_D_INFO, "BIOS resource:\n")); 1223 DumpStmResource ((STM_RSC *)(UINTN)mHostContextCommon.HostContextPerCpu[0].TxtProcessorSmmDescriptor->BiosHwResourceRequirementsPtr); 1224 } 1225 #endif
CID 1434830: (INCOMPATIBLE_CAST) Pointer "&Reg->Rax" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
1226 if (ReadUnaligned32 ((UINT32 *)&Reg->Rax) == STM_API_START) { 1227 // We need do additional thing for STM_API_START 1228 mGuestContextCommonSmm[SMI_HANDLER].GuestContextPerCpu[Index].Actived = TRUE; 1229 SmmSetup (Index); 1230 } 1231 /3rdparty/stm/Stm/StmPkg/Core/Init/StmInit.c: 1234 in LaunchBack() 1228 mGuestContextCommonSmm[SMI_HANDLER].GuestContextPerCpu[Index].Actived = TRUE; 1229 SmmSetup (Index); 1230 } 1231 1232 if(!IsResourceListValid ((STM_RSC *)(UINTN)mHostContextCommon.HostContextPerCpu[Index].TxtProcessorSmmDescriptor->BiosHwResourceRequirementsPtr, FALSE)) { 1233 DEBUG ((EFI_D_INFO, "%ld LaunchBack - ValidateBiosResourceList fail!\n", Index));
CID 1434830: (INCOMPATIBLE_CAST) Pointer "&Reg->Rax" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
1234 WriteUnaligned32 ((UINT32 *)&Reg->Rax, ERROR_STM_MALFORMED_RESOURCE_LIST); 1235 VmWriteN (VMCS_N_GUEST_RFLAGS_INDEX, VmReadN(VMCS_N_GUEST_RFLAGS_INDEX) | RFLAGS_CF); 1236 } else { 1237 WriteUnaligned32 ((UINT32 *)&Reg->Rax, STM_SUCCESS); 1238 VmWriteN (VMCS_N_GUEST_RFLAGS_INDEX, VmReadN(VMCS_N_GUEST_RFLAGS_INDEX) & ~RFLAGS_CF); 1239 }
** CID 1434829: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434829: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/SmmCpuidHandler.c: 36 in SmmCpuidHandler() 30 X86_REGISTER *Reg; 31 UINT32 VmType = SMI_HANDLER; 32 33 Reg = &mGuestContextCommonSmm[VmType].GuestContextPerCpu[Index].Register; 34 35 AsmCpuidEx (
CID 1434829: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rax" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
36 ReadUnaligned32 ((UINT32 *)&Reg->Rax), 37 ReadUnaligned32 ((UINT32 *)&Reg->Rcx), 38 (UINT32 *)&Reg->Rax, 39 (UINT32 *)&Reg->Rbx, 40 (UINT32 *)&Reg->Rcx, 41 (UINT32 *)&Reg->Rdx 42 ); 43 VmWriteN (VMCS_N_GUEST_RIP_INDEX, VmReadN(VMCS_N_GUEST_RIP_INDEX) + VmRead32(VMCS_32_RO_VMEXIT_INSTRUCTION_LENGTH_INDEX)); 44 return ;
** CID 1434828: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434828: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/SmiVmcallHandler.c: 1010 in SmiVmcallHandler() 1004 DEBUG ((EFI_D_ERROR, 1005 "%ld SmiVmcallHandler - GetSmiVmcallHandlerByIndex- Invalid API entry - %x!\n", 1006 Index, 1007 (UINTN)ReadUnaligned32 ((UINT32 *)&Reg->Rax))); 1008 Status = ERROR_INVALID_API; 1009 } else {
CID 1434828: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rbx" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
1010 AddressParameter = ReadUnaligned32 ((UINT32 *)&Reg->Rbx) + LShiftU64 (ReadUnaligned32 ((UINT32 *)&Reg->Rcx), 32); 1011 1012 Status = StmVmcallHandler (Index, AddressParameter); 1013 } 1014 1015 if (Status == STM_SUCCESS) {
** CID 1434827: (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434827: (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeSmmVmcallHandler.c: 309 in PeSmmVmcallHandler() 303 Status = ERROR_INVALID_API; 304 } else { 305 AddressParameter = ReadUnaligned32 ((UINT32 *)&Reg->Rbx) + LShiftU64 (ReadUnaligned32 ((UINT32 *)&Reg->Rcx), 32); 306 Status = StmVmcallHandler (Index, AddressParameter); 307 } 308
CID 1434827: (INCOMPATIBLE_CAST) Pointer "&Reg->Rax" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
309 WriteUnaligned32 ((UINT32 *)&Reg->Rax, Status); 310 if (Status == STM_SUCCESS) { 311 VmWriteN (VMCS_N_GUEST_RFLAGS_INDEX, VmReadN(VMCS_N_GUEST_RFLAGS_INDEX) & ~RFLAGS_CF); 312 } else { 313 VmWriteN (VMCS_N_GUEST_RFLAGS_INDEX, VmReadN(VMCS_N_GUEST_RFLAGS_INDEX) | RFLAGS_CF); 314 } /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeSmmVmcallHandler.c: 298 in PeSmmVmcallHandler() 292 293 //DEBUG((EFI_D_INFO, "%ld PeSmmVmcallHandler - start\n", Index)); 294 VmType = mHostContextCommon.HostContextPerCpu[Index].GuestVmType; 295 296 Reg = &mGuestContextCommonSmm[VmType].GuestContextPerCpu[0].Register; 297
CID 1434827: (INCOMPATIBLE_CAST) Pointer "&Reg->Rax" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
298 StmVmcallHandler = GetPeSmmVmcallHandlerByIndex (ReadUnaligned32 ((UINT32 *)&Reg->Rax)); 299 if (StmVmcallHandler == NULL) { 300 DEBUG ((EFI_D_ERROR, "%ld PeSmmVmcallHandler - GetPeSmmVmcallHandlerByIndex (no handler) - 0x%llx!\n", 301 Index, 302 ReadUnaligned32 ((UINT32 *)&Reg->Rax))); 303 Status = ERROR_INVALID_API; /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeSmmVmcallHandler.c: 300 in PeSmmVmcallHandler() 294 VmType = mHostContextCommon.HostContextPerCpu[Index].GuestVmType; 295 296 Reg = &mGuestContextCommonSmm[VmType].GuestContextPerCpu[0].Register; 297 298 StmVmcallHandler = GetPeSmmVmcallHandlerByIndex (ReadUnaligned32 ((UINT32 *)&Reg->Rax)); 299 if (StmVmcallHandler == NULL) {
CID 1434827: (INCOMPATIBLE_CAST) Pointer "&Reg->Rax" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
300 DEBUG ((EFI_D_ERROR, "%ld PeSmmVmcallHandler - GetPeSmmVmcallHandlerByIndex (no handler) - 0x%llx!\n", 301 Index, 302 ReadUnaligned32 ((UINT32 *)&Reg->Rax))); 303 Status = ERROR_INVALID_API; 304 } else { 305 AddressParameter = ReadUnaligned32 ((UINT32 *)&Reg->Rbx) + LShiftU64 (ReadUnaligned32 ((UINT32 *)&Reg->Rcx), 32);
** CID 1434826: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434826: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/SmmCpuidHandler.c: 37 in SmmCpuidHandler() 31 UINT32 VmType = SMI_HANDLER; 32 33 Reg = &mGuestContextCommonSmm[VmType].GuestContextPerCpu[Index].Register; 34 35 AsmCpuidEx ( 36 ReadUnaligned32 ((UINT32 *)&Reg->Rax),
CID 1434826: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rcx" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
37 ReadUnaligned32 ((UINT32 *)&Reg->Rcx), 38 (UINT32 *)&Reg->Rax, 39 (UINT32 *)&Reg->Rbx, 40 (UINT32 *)&Reg->Rcx, 41 (UINT32 *)&Reg->Rdx 42 ); 43 VmWriteN (VMCS_N_GUEST_RIP_INDEX, VmReadN(VMCS_N_GUEST_RIP_INDEX) + VmRead32(VMCS_32_RO_VMEXIT_INSTRUCTION_LENGTH_INDEX)); 44 return ;
** CID 1434825: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434825: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/SmmMsrHandler.c: 139 in SmmWriteMsrHandler() 133 STM_SMM_CPU_STATE *SmmCpuState; 134 UINT32 VmType = SMI_HANDLER; 135 136 SmmCpuState = mGuestContextCommonSmi.GuestContextPerCpu[Index].SmmCpuState; 137 138 Reg = &mGuestContextCommonSmm[VmType].GuestContextPerCpu[Index].Register;
CID 1434825: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rcx" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
139 MsrIndex = ReadUnaligned32 ((UINT32 *)&Reg->Rcx); 140 141 MsrDesc = GetStmResourceMsr (mHostContextCommon.MleProtectedResource.Base, MsrIndex); 142 if ((MsrDesc != NULL) && (MsrDesc->WriteMask != 0)) { 143 DEBUG ((EFI_D_ERROR, "WRMSR (%x) violation!\n", MsrIndex)); 144 AddEventLogForResource (EvtHandledProtectionException, (STM_RSC *)MsrDesc);
** CID 1434824: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434824: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeSmmIoHandler.c: 64 in PeIoHandler() 58 59 if((PortNumber == 0x3D8)||(PortNumber == 0x3F8)) 60 { 61 UINT64 AddressSpaceStart = PeVmData[VmType].UserModule.AddressSpaceStart; 62 UINT64 AddressSpaceEnd = PeVmData[VmType].UserModule.AddressSpaceStart + PeVmData[VmType].UserModule.AddressSpaceSize; 63 GuestAddress = ReadUnaligned64((UINT64 *) &Reg->Rsi); // assume that DS Base is zero
CID 1434824: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rcx" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
64 DataSize = ReadUnaligned32((UINT32 *) &Reg->Rcx); 65 //DEBUG((EFI_D_INFO, "%ld PeIoHandler - GuestAddress: 0x%016llx DataSize: 0x%016llx \n", CpuIndex, GuestAddress, DataSize)); 66 GuestAddressEnd = GuestAddress + DataSize; 67 68 // make sure the GuestAddress fits in the block that is within 69 // SMRAM
** CID 1434823: Integer handling issues (INCOMPATIBLE_CAST)
________________________________________________________________________________________________________ *** CID 1434823: Integer handling issues (INCOMPATIBLE_CAST) /3rdparty/stm/Stm/StmPkg/Core/Runtime/PeLoadVm.c: 631 in PostPeVmProc() 625 if(PeVmData[PeType].StartMode == PEVM_START_VMCALL) 626 { 627 // setup the return codes 628 629 Reg = &mGuestContextCommonSmi.GuestContextPerCpu[CpuIndex].Register; 630
CID 1434823: Integer handling issues (INCOMPATIBLE_CAST) Pointer "&Reg->Rax" points to an object whose effective type is "unsigned long long" (64 bits, unsigned) but is dereferenced as a narrower "unsigned int" (32 bits, unsigned). This may lead to unexpected results depending on machine endianness.
631 WriteUnaligned32 ((UINT32 *)&Reg->Rax, rc); 632 if (rc == PE_SUCCESS) 633 { 634 VmWriteN (VMCS_N_GUEST_RFLAGS_INDEX, 635 VmReadN(VMCS_N_GUEST_RFLAGS_INDEX) & ~RFLAGS_CF); 636 }
** CID 1434822: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /3rdparty/stm/Stm/StmPkg/Core/StmResource.c: 308 in IsResourceNodeValid()
________________________________________________________________________________________________________ *** CID 1434822: Integer handling issues (CONSTANT_EXPRESSION_RESULT) /3rdparty/stm/Stm/StmPkg/Core/StmResource.c: 308 in IsResourceNodeValid() 302 } 303 break; 304 case MEM_RANGE: 305 if (ResourceNode->Header.Length != sizeof(STM_RSC_MEM_DESC)) { 306 goto CheckFail; 307 }
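CID 1434822: Integer handling issues (CONSTANT_EXPRESSION_RESULT) "ResourceNode->Mem.RWXAttributes & -8 /* ~((1 | 2) | 4) */" is always 0 regardless of the values of its operands. This occurs as a value. [Note: because the masked value is always 0, the "!= 0" comparison on line 308 can never be true, so this RWXAttributes check never reaches CheckFail. The field's declared width is not shown in this excerpt; it is presumably too narrow to hold any bit outside the R/W/X mask.]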
308 if ((ResourceNode->Mem.RWXAttributes & ~(STM_RSC_MEM_R | STM_RSC_MEM_W | STM_RSC_MEM_X)) != 0) { 309 goto CheckFail; 310 } 311 if (ResourceNode->Mem.Reserved != 0) { 312 goto CheckFail; 313 }