[coreboot] New Defects reported by Coverity Scan for coreboot

scan-admin Tue, 21 Aug 2018 07:24:02 -0700

Hi,

Please find the latest report on new defect(s) introduced to coreboot found 
with Coverity Scan.


2 new defect(s) introduced to coreboot found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 1395106:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/src/soc/intel/apollolake/chip.c: 681 in configure_xhci_host_mode_port0()


________________________________________________________________________________________________________
*** CID 1395106:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
/src/soc/intel/apollolake/chip.c: 681 in configure_xhci_host_mode_port0()
675     
676             printk(BIOS_INFO, "Putting xHCI port 0 into host mode.\n");
677             res = find_resource(xhci_dev, PCI_BASE_ADDRESS_0);
678             cfg0 = (void *)(uintptr_t)(res->base + DUAL_ROLE_CFG0);
679             cfg1 = (void *)(uintptr_t)(res->base + DUAL_ROLE_CFG1);
680             reg = read32(cfg0);
>>>     CID 1395106:  Integer handling issues  (CONSTANT_EXPRESSION_RESULT)
>>>     The expression "reg && 1 /* 1 << 21 */" is suspicious because it 
>>> performs a Boolean operation on a constant other than 0 or 1.
681             if (!(reg && SW_IDPIN_EN_MASK))
682                     return;
683     
684             reg &= ~(SW_IDPIN_MASK | SW_VBUS_VALID_MASK);
685             write32(cfg0, reg);
686     

** CID 1395105:  Insecure data handling  (TAINTED_SCALAR)


________________________________________________________________________________________________________
*** CID 1395105:  Insecure data handling  (TAINTED_SCALAR)
/src/lib/fit.c: 400 in fit_update_compat()
394             struct fdt_header *fdt_header = (struct fdt_header *)fdt_blob;
395             uint32_t fdt_offset = be32_to_cpu(fdt_header->structure_offset);
396             size_t i = 0;
397     
398             if (!fdt_find_compat(fdt_blob, fdt_offset, &config->compat)) {
399                     list_for_each(compat_node, compat_strings, list_node) {
>>>     CID 1395105:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted variable "config->compat.size" to a tainted sink.
400                             int pos = fit_check_compat(&config->compat,
401                                                        
compat_node->compat_string);
402                             if (pos >= 0) {
403                                     config->compat_pos = pos;
404                                     config->compat_rank = i;
405                                     config->compat_string =


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbLuoVetFLSjdonCi1EjfHRqWGQvojmmkYaBE-2BPJiTQvQ-3D-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5Z-2FeTetzNLgpALD7ckK4B74lShlyq84RmkKW3UYi61SAJvip2BeoQjbbMgwJAfv8EPOPhTOet2E5u0dm9CL-2BbFeQg0P0vEdkDPP3pp3vkA2tfAJqTdLjx-2FeHdH-2BpOW24AFYwkxHFI5mWdZ6u5LQ9rjAfIuuNC84rn9xU4I9cBDWWoT6dqXXXDXFo2egFbwP6h4-3D


-- 
coreboot mailing list: coreboot@coreboot.org
https://mail.coreboot.org/mailman/listinfo/coreboot

[coreboot] New Defects reported by Coverity Scan for coreboot

Reply via email to