[coreboot] New Defects reported by Coverity Scan for coreboot
scan-admin at coverity.com
scan-admin at coverity.com
Tue Aug 21 16:19:37 CEST 2018
Hi,
Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
2 new defect(s) introduced to coreboot found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1395106: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/src/soc/intel/apollolake/chip.c: 681 in configure_xhci_host_mode_port0()
________________________________________________________________________________________________________
*** CID 1395106: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
/src/soc/intel/apollolake/chip.c: 681 in configure_xhci_host_mode_port0()
675
676 printk(BIOS_INFO, "Putting xHCI port 0 into host mode.\n");
677 res = find_resource(xhci_dev, PCI_BASE_ADDRESS_0);
678 cfg0 = (void *)(uintptr_t)(res->base + DUAL_ROLE_CFG0);
679 cfg1 = (void *)(uintptr_t)(res->base + DUAL_ROLE_CFG1);
680 reg = read32(cfg0);
>>> CID 1395106: Integer handling issues (CONSTANT_EXPRESSION_RESULT)
>>> The expression "reg && 1 /* 1 << 21 */" is suspicious because it performs a Boolean operation on a constant other than 0 or 1.
681 if (!(reg && SW_IDPIN_EN_MASK))
682 return;
683
684 reg &= ~(SW_IDPIN_MASK | SW_VBUS_VALID_MASK);
685 write32(cfg0, reg);
686
** CID 1395105: Insecure data handling (TAINTED_SCALAR)
________________________________________________________________________________________________________
*** CID 1395105: Insecure data handling (TAINTED_SCALAR)
/src/lib/fit.c: 400 in fit_update_compat()
394 struct fdt_header *fdt_header = (struct fdt_header *)fdt_blob;
395 uint32_t fdt_offset = be32_to_cpu(fdt_header->structure_offset);
396 size_t i = 0;
397
398 if (!fdt_find_compat(fdt_blob, fdt_offset, &config->compat)) {
399 list_for_each(compat_node, compat_strings, list_node) {
>>> CID 1395105: Insecure data handling (TAINTED_SCALAR)
>>> Passing tainted variable "config->compat.size" to a tainted sink.
400 int pos = fit_check_compat(&config->compat,
401 compat_node->compat_string);
402 if (pos >= 0) {
403 config->compat_pos = pos;
404 config->compat_rank = i;
405 config->compat_string =
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbLuoVetFLSjdonCi1EjfHRqWGQvojmmkYaBE-2BPJiTQvQ-3D-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5Z-2FeTetzNLgpALD7ckK4B74lShlyq84RmkKW3UYi61SAJvip2BeoQjbbMgwJAfv8EPOPhTOet2E5u0dm9CL-2BbFeQg0P0vEdkDPP3pp3vkA2tfAJqTdLjx-2FeHdH-2BpOW24AFYwkxHFI5mWdZ6u5LQ9rjAfIuuNC84rn9xU4I9cBDWWoT6dqXXXDXFo2egFbwP6h4-3D
More information about the coreboot
mailing list