[coreboot] New Defects reported by Coverity Scan for coreboot

scan-admin at coverity.com scan-admin at coverity.com
Fri Sep 16 13:17:33 CEST 2016 

Hi,

Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.

4 new defect(s) introduced to coreboot found with Coverity Scan.
48 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 1362811:  Resource leaks  (RESOURCE_LEAK)
/src/southbridge/amd/sr5650/sr5650.c: 804 in add_ivrs_device_entries()


________________________________________________________________________________________________________
*** CID 1362811:  Resource leaks  (RESOURCE_LEAK)
/src/southbridge/amd/sr5650/sr5650.c: 804 in add_ivrs_device_entries()
798     			sibling = sibling->sibling)
799     			add_ivrs_device_entries(dev, sibling, depth + 1,
800     				depth, root_level, current, length);
801     
802     	if (depth == 0)
803     		free(root_level);
>>>     CID 1362811:  Resource leaks  (RESOURCE_LEAK)
>>>     Returning without freeing "root_level" leaks the storage that it points to.
804     }
805     
806     unsigned long acpi_fill_mcfg(unsigned long current)
807     {
808     	struct resource *res;
809     	resource_t mmconf_base = EXT_CONF_BASE_ADDRESS;

** CID 1362810:  Null pointer dereferences  (NULL_RETURNS)
/src/mainboard/intel/kunimitsu/spd/spd_util.c: 88 in mainboard_get_spd_data()


________________________________________________________________________________________________________
*** CID 1362810:  Null pointer dereferences  (NULL_RETURNS)
/src/mainboard/intel/kunimitsu/spd/spd_util.c: 88 in mainboard_get_spd_data()
82     	spd_index = get_spd_index();
83     	printk(BIOS_INFO, "SPD index %d\n", spd_index);
84     
85     	/* Load SPD data from CBFS */
86     	spd_file = cbfs_boot_map_with_leak("spd.bin", CBFS_TYPE_SPD,
87     		&spd_file_len);
>>>     CID 1362810:  Null pointer dereferences  (NULL_RETURNS)
>>>     Dereferencing a null pointer "spd_file".
88     	if (!(*spd_file))
89     		die("SPD data not found.");
90     
91     	/* make sure we have at least one SPD in the file. */
92     	if (spd_file_len < SPD_LEN)
93     		die("Missing SPD data.");

** CID 1362809:  Null pointer dereferences  (FORWARD_NULL)
/src/soc/marvell/mvmap2315/load_validate.c: 97 in load_and_validate()


________________________________________________________________________________________________________
*** CID 1362809:  Null pointer dereferences  (FORWARD_NULL)
/src/soc/marvell/mvmap2315/load_validate.c: 97 in load_and_validate()
91     		= (void *)read32(
92     			&mvmap2315_mcu_secconfig->boot_callback_pointer);
93     	u8 image_digest[32];
94     
95     	image_info = find_bdb_image(bdb_info, image_type);
96     
>>>     CID 1362809:  Null pointer dereferences  (FORWARD_NULL)
>>>     Comparing "image_info" to null implies that "image_info" might be null.
97     	if (!image_info)
98     		image_failure();
99     
100     	set_flash_parameters(&flash_info, image_info);
101     
102     	if (flash_init(bootrom_info->flash_media, MVMAP2315_MMC_CLK_MHZ))

** CID 1362808:    (CONSTANT_EXPRESSION_RESULT)
/src/soc/marvell/mvmap2315/mcu.c: 34 in mvmap2315_calc_checksum()
/src/soc/marvell/mvmap2315/mcu.c: 34 in mvmap2315_calc_checksum()


________________________________________________________________________________________________________
*** CID 1362808:    (CONSTANT_EXPRESSION_RESULT)
/src/soc/marvell/mvmap2315/mcu.c: 34 in mvmap2315_calc_checksum()
28     	const u8 *bytes = data;
29     	int i;
30     
31     	for (i = csum = 0; i < size; i++)
32     		csum += bytes[i];
33     
>>>     CID 1362808:    (CONSTANT_EXPRESSION_RESULT)
>>>     The expression "~csum && 255" is suspicious because it performs a Boolean operation on a constant other than 0 or 1.
34     	return (~csum) && 0xFF;
35     }
36     
37     void mcu_irq(void)
38     {
39     	printk(BIOS_DEBUG, "waiting for MCU msg...\n");
/src/soc/marvell/mvmap2315/mcu.c: 34 in mvmap2315_calc_checksum()
28     	const u8 *bytes = data;
29     	int i;
30     
31     	for (i = csum = 0; i < size; i++)
32     		csum += bytes[i];
33     
>>>     CID 1362808:    (CONSTANT_EXPRESSION_RESULT)
>>>     "~csum" is always 1/true regardless of the values of its operand. This occurs as the logical first operand of "&&".
34     	return (~csum) && 0xFF;
35     }
36     
37     void mcu_irq(void)
38     {
39     	printk(BIOS_DEBUG, "waiting for MCU msg...\n");


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbLuoVetFLSjdonCi1EjfHRqWGQvojmmkYaBE-2BPJiTQvQ-3D-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5YiZoJDBTCeNJ5-2B4x8nMQNjKlAOG15eCD8QUHp0MPrSMtTHdVcWbQp1XE2KT9bYNMOa2Uf58NkRo6ajm4A-2FOzVKPNMBeM5odcubocRM7h8i7265PCloDhMKCQfRcTrNzFjMdUg0fdk2auvAsrwNF-2BsyyuAbgt7TXQtwMw7qaKDDZQ-3D-3D

To manage Coverity Scan email notifications for "coreboot at coreboot.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4e-2BpBzwOa5gzBZa9dWpDbzfofODnVj1enK2UkK0-2BgCCqyeem8IVKvTxSaOFkteZFcnohwvb2rnYNjswGryEWCURnUk6WHU42sbOmtOjD-2Bx5c-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5YiZoJDBTCeNJ5-2B4x8nMQNjvJmh1pxHBF3G-2BzSK5xhnRkkZXHXpxTWOZNaX97Bf3HEbJHM0rjYta7J7aj-2B9eD1Vr6DpBK4eX5k4DHOtakqqHTwyOKT-2FruW5AOoRGvFHEsxVOb65sqCzpYNUhC8MHxvbUrdQdNq2ZDXB5hoi2jdxDg-3D-3D

More information about the coreboot mailing list