[coreboot] New Defects reported by Coverity Scan for coreboot

scan-admin at coverity.com scan-admin at coverity.com
Fri May 5 14:17:11 CEST 2017 

Hi,

Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.

1 new defect(s) introduced to coreboot found with Coverity Scan.
1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1374795:  Memory - corruptions  (STRING_OVERFLOW)
/src/lib/edid.c: 473 in detailed_block()


________________________________________________________________________________________________________
*** CID 1374795:  Memory - corruptions  (STRING_OVERFLOW)
/src/lib/edid.c: 473 in detailed_block()
467     		case 0xFE:
468     			/*
469     			 * TODO: Two of these in a row, in the third and fourth
470     			 * slots, seems to be specified by SPWG:
471     			 * https://u2389337.ct.sendgrid.net/wf/click?upn=eMT-2BqXhL85kf4kjMp0VpWCuCeHLrqobZuW7eldBhH0g-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5Yrq0nDnHhQtWrNwqEcg6PtZ-2B4u2HNhU1xdsmSUJlbOXl8aDcsn-2BpQqufSl4rIND4D-2Fgw5Zw-2BJYNCv9BtfD06ry-2BRN-2BxALbcJbyppLxZmwz1D1A6RiE5eECATmEKxqZDVDDD4MvPjAuGd0hl8VWApt-2FpSY1MBFnESu7bqa-2B5bxa-2BbikvPK-2BX5dkGiDQ8wJsbCI-3D
472     			 */
>>>     CID 1374795:  Memory - corruptions  (STRING_OVERFLOW)
>>>     You might overrun the 14-character destination string "result_edid->ascii_string" by writing 128 characters from "extract_string(x + 5, &c->has_valid_string_termination, 13)".
473     			strcpy(result_edid->ascii_string, extract_string(x + 5,
474     				&c->has_valid_string_termination,
475     						EDID_ASCII_STRING_LENGTH));
476     			printk(BIOS_SPEW, "ASCII string: %s\n",
477     				result_edid->ascii_string);
478     			return 1;


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbLuoVetFLSjdonCi1EjfHRqWGQvojmmkYaBE-2BPJiTQvQ-3D-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5Yrq0nDnHhQtWrNwqEcg6PtGRkk3Gz7Rh8mxCwcPAk-2BYclwjGFvAdJAVOlv-2B0VZZNZEXF-2F7GkdvUnkXYyvSmKHBJvQLqeI9nQiOgY9gSz-2F0S-2B8T0KtXcFLYtTKw9O-2F9VnfZaJ7nXJWe7qkfyhHxfsr0xWu7fRD0vv8PEMc0h20tNrJVSpni4y0LrUGoeszzIU0-3D

To manage Coverity Scan email notifications for "coreboot at coreboot.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4e-2BpBzwOa5gzBZa9dWpDbzfofODnVj1enK2UkK0-2BgCCqyeem8IVKvTxSaOFkteZFcnohwvb2rnYNjswGryEWCURnUk6WHU42sbOmtOjD-2Bx5c-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5Yrq0nDnHhQtWrNwqEcg6Pto9cO-2BAcITZnFC31KaB2ckCsiy9Ey95Cx1OfO7TxM9VWxk0HddQsNp0pzkeJBGKoJhwjec9OwxsGEMgooU5YpiyqAeI44ctHcqoQGaYZ3NaXIVhsfy6AwFCSvs31K4rwsN3-2BZCmiRZO89LYLAaSBZLtFRgLesSZ7jrvfAm9j74I0-3D

More information about the coreboot mailing list