Hi,
Please find the latest report on new defect(s) introduced to coreboot found
with Coverity Scan.
2 new defect(s) introduced to coreboot found with Coverity Scan.
12 defect(s), reported by Coverity Scan earlier, were marked fixed in the
recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 1401467: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1401467: Null pointer dereferences (FORWARD_NULL)
/src/drivers/intel/fsp1_1/car.c: 176 in romstage_c_entry()
170 } else {
171 /* This leaks a mapping which this code assumes is
benign as
172 * the flash is memory mapped CPU's address space. */
173 fih =
find_fsp((uintptr_t)rdev_mmap_full(prog_rdev(&fsp)));
174 }
175
>>> CID 1401467: Null pointer dereferences (FORWARD_NULL)
>>> Passing null pointer "fih" to "cache_as_ram_stage_main", which
>>> dereferences it.
176 cache_as_ram_stage_main(fih);
177
178 /* we don't return here */
179 platform_enter_postcar();
180 }
181
** CID 1353342: (OVERRUN)
________________________________________________________________________________________________________
*** CID 1353342: (OVERRUN)
/3rdparty/chromeec/common/pwm.c: 120 in cc_pwm_duty()
114 char *e;
115 char *raw;
116
117 if (argc < 2) {
118 ccprintf("PWM channels:\n");
119 for (ch = 0; ch < PWM_CH_COUNT; ch++)
>>> CID 1353342: (OVERRUN)
>>> Overrunning callee's array of size 1 by passing argument "ch" (which
>>> evaluates to 2) in call to "print_channel".
120 print_channel(ch, max_duty);
121 return EC_SUCCESS;
122 }
123
124 ch = strtoi(argv[1], &e, 0);
125 if (*e || ch < 0 || ch >= PWM_CH_COUNT)
/3rdparty/chromeec/common/pwm.c: 148 in cc_pwm_duty()
142 return EC_ERROR_PARAM2;
143 } else if (value < 0) {
144 /* Negative = disable */
145 pwm_enable(ch, 0);
146 } else {
147 ccprintf("Setting channel %d to %d\n", ch,
value);
>>> CID 1353342: (OVERRUN)
>>> Overrunning callee's array of size 1 by passing argument "ch" (which
>>> evaluates to 2) in call to "pwm_enable".
148 pwm_enable(ch, 1);
149 (max_duty == 100) ? pwm_set_duty(ch, value) :
150 pwm_set_raw_duty(ch, value);
151 }
152 }
153
/3rdparty/chromeec/common/pwm.c: 149 in cc_pwm_duty()
143 } else if (value < 0) {
144 /* Negative = disable */
145 pwm_enable(ch, 0);
146 } else {
147 ccprintf("Setting channel %d to %d\n", ch,
value);
148 pwm_enable(ch, 1);
>>> CID 1353342: (OVERRUN)
>>> Overrunning callee's array of size 1 by passing argument "ch" (which
>>> evaluates to 2) in call to "pwm_set_raw_duty".
149 (max_duty == 100) ? pwm_set_duty(ch, value) :
150 pwm_set_raw_duty(ch, value);
151 }
152 }
153
154 print_channel(ch, max_duty);
/3rdparty/chromeec/common/pwm.c: 154 in cc_pwm_duty()
148 pwm_enable(ch, 1);
149 (max_duty == 100) ? pwm_set_duty(ch, value) :
150 pwm_set_raw_duty(ch, value);
151 }
152 }
153
>>> CID 1353342: (OVERRUN)
>>> Overrunning callee's array of size 1 by passing argument "ch" (which
>>> evaluates to 2) in call to "print_channel".
154 print_channel(ch, max_duty);
155
156 return EC_SUCCESS;
157 }
158 DECLARE_CONSOLE_COMMAND(pwmduty, cc_pwm_duty,
159 "[channel [<percent> | -1=disable] | [raw
<value>]]",
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbLuoVetFLSjdonCi1EjfHRqWGQvojmmkYaBE-2BPJiTQvaU4HClancRgJSp1vcdHRWU-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5aDGTnmxDpaaDyjM2k93dc-2FL0ny9V5MvY9BWi4IyTn-2BEfqUM9IUCjsdDq3VligG8D0tVT-2F5dB6zPwfjJVZcwGYLYg9KTfAOaXo52YQ1wrJgrS2u-2F-2BmyFKSyBSv9KmHyD-2BaL2mUiiP13LRFnVcDx18KyU-2FidQv-2FtcoOrgn0pBqUC3MzX-2Fd-2BQmLNUyGQANAbI4y0-3D
_______________________________________________
coreboot mailing list -- coreboot@coreboot.org
To unsubscribe send an email to coreboot-le...@coreboot.org
