[coreboot] New Defects reported by Coverity Scan for coreboot

scan-admin at coverity.com scan-admin at coverity.com
Fri Jul 15 13:24:08 CEST 2016


Hi,

Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.

2 new defect(s) introduced to coreboot found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1357676:  Control flow issues  (NO_EFFECT)
/src/lib/tpm2_tlcl.c: 30 in tpm_process_command()


________________________________________________________________________________________________________
*** CID 1357676:  Control flow issues  (NO_EFFECT)
/src/lib/tpm2_tlcl.c: 30 in tpm_process_command()
24     	size_t out_size, in_size;
25     	/* Command/response buffer. */
26     	static uint8_t cr_buffer[TPM_BUFFER_SIZE];
27     
28     	out_size = tpm_marshal_command(command, command_body,
29     				       cr_buffer, sizeof(cr_buffer));
>>>     CID 1357676:  Control flow issues  (NO_EFFECT)
>>>     This less-than-zero comparison of an unsigned value is never true. "out_size < 0UL".
30     	if (out_size < 0) {
31     		printk(BIOS_ERR, "command %#x, cr size %zd\n",
32     		       command, out_size);
33     		return NULL;
34     	}
35     

** CID 1357675:  Integer handling issues  (NEGATIVE_RETURNS)
/src/lib/tpm2_tlcl.c: 28 in tpm_process_command()


________________________________________________________________________________________________________
*** CID 1357675:  Integer handling issues  (NEGATIVE_RETURNS)
/src/lib/tpm2_tlcl.c: 28 in tpm_process_command()
22     static void *tpm_process_command(TPM_CC command, void *command_body)
23     {
24     	size_t out_size, in_size;
25     	/* Command/response buffer. */
26     	static uint8_t cr_buffer[TPM_BUFFER_SIZE];
27     
>>>     CID 1357675:  Integer handling issues  (NEGATIVE_RETURNS)
>>>     Assigning: unsigned variable "out_size" = "tpm_marshal_command".
28     	out_size = tpm_marshal_command(command, command_body,
29     				       cr_buffer, sizeof(cr_buffer));
30     	if (out_size < 0) {
31     		printk(BIOS_ERR, "command %#x, cr size %zd\n",
32     		       command, out_size);
33     		return NULL;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/coreboot?tab=overview
