Hi, Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
1 new defect(s) introduced to coreboot found with Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s) ** CID 1419483: Memory - corruptions (OVERRUN) /src/vendorcode/eltan/security/verified_boot/vboot_check.c: 85 in verified_boot_check_manifest() ________________________________________________________________________________________________________ *** CID 1419483: Memory - corruptions (OVERRUN) /src/vendorcode/eltan/security/verified_boot/vboot_check.c: 85 in verified_boot_check_manifest() 79 pre->body_signature.data_size = CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS * 80 DIGEST_SIZE; 81 pre->body_signature.sig_offset = sizeof(struct vb2_signature) + 82 pre->body_signature.data_size; 83 pre->body_signature.sig_size = size - pre->body_signature.data_size; 84 sd->workbuf_used += size; >>> CID 1419483: Memory - corruptions (OVERRUN) >>> Overrunning struct type vb2_signature of 24 bytes by passing it to a >>> function which accesses it at byte offset 663 using argument "size" (which >>> evaluates to 640). [Note: The source code implementation of the function >>> has been overridden by a builtin model.] 85 memcpy((void *)((void *)&pre->body_signature + (long)sizeof(struct vb2_signature)), 86 (uint8_t *)CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_LOC, size); 87 88 89 if (vb2api_verify_kernel_data(ctx, (void *)CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_LOC, 90 pre->body_signature.data_size)) ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq2SfQfrHt3Prsn4qSLrYIrajINpiFX8l0vrlNSf8iCrS27qY0Cr0DkycwNUgGZJj8-3DyVzL_L-2FDzr14mnrsJO5b1wX1hp9b1MAQygl7x-2B74RAaH2cn3nqY8HPK8e8YVnMZGxbWG1aaGWeSLFNzNVrgknn3sEILlxra1kp3dSPq8hliQIYiDW-2Fu0CRw79mUGAvlXGa3EJU0ys-2FHQpqcZJbPIwqdiZa053TDQD0ZFtyIRZebHPH5aKI0UXhbNzjGHTOd6dE6LeQixZNgN9hq7bphaxwnf-2Fy2sNVrLw9Fv-2BFkNdGqHihsY-3D _______________________________________________ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org