[coreboot] New Defects reported by Coverity Scan for coreboot

scan-admin at coverity.com scan-admin at coverity.com
Fri Oct 26 16:34:44 CEST 2018 

Hi,

Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.

2 new defect(s) introduced to coreboot found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1396443:  Error handling issues  (CHECKED_RETURN)
/src/soc/intel/skylake/romstage/romstage.c: 266 in fill_power_state()


________________________________________________________________________________________________________
*** CID 1396443:  Error handling issues  (CHECKED_RETURN)
/src/soc/intel/skylake/romstage/romstage.c: 266 in fill_power_state()
260     
261     struct chipset_power_state *fill_power_state(void)
262     {
263     	struct chipset_power_state *ps;
264     
265     	ps = pmc_get_power_state();
>>>     CID 1396443:  Error handling issues  (CHECKED_RETURN)
>>>     Calling "pmc_fill_power_state" without checking return value (as is done elsewhere 4 out of 5 times).
266     	pmc_fill_power_state(ps);
267     
268     	return ps;

** CID 1396442:  Memory - corruptions  (ARRAY_VS_SINGLETON)


________________________________________________________________________________________________________
*** CID 1396442:  Memory - corruptions  (ARRAY_VS_SINGLETON)
/src/lib/selfboot.c: 263 in _selfload()
257     
258     	cbfssegs = &((struct cbfs_payload *)data)->segments;
259     
260     	if (f && f(cbfssegs))
261     		goto out;
262     
>>>     CID 1396442:  Memory - corruptions  (ARRAY_VS_SINGLETON)
>>>     Passing "cbfssegs" to function "load_payload_segments" which uses it as an array. This might corrupt or misinterpret adjacent memory locations.
263     	if (load_payload_segments(cbfssegs, &entry))
264     		goto out;
265     
266     	printk(BIOS_SPEW, "Loaded segments\n");
267     
268     	rdev_munmap(prog_rdev(payload), data);


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbLuoVetFLSjdonCi1EjfHRqWGQvojmmkYaBE-2BPJiTQvQ-3D-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5abX9gDb-2FdnTzdho5P1Ty5r66gqpRi7F92vPt1lPYusQCEg9QNgU-2Bmf2V0-2BiU5MHYBL9qt-2BjGKe9ZtulngEhHhVJ0QR1hjmQJ2tdCVdWSNXLMb-2BBPamddY-2FhHD7aK4jPWm0GPEgL4Qki5k5X8VlXfndiFB1e-2Feo8MDIj6bOHr-2Bn03bSUC-2Btzn0rtA-2FeQ4djTe4-3D

More information about the coreboot mailing list