Hi, Please find the latest report on new defect(s) introduced to coreboot found with Coverity Scan.
3 new defect(s) introduced to coreboot found with Coverity Scan. 1 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan. New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s) ** CID 1490122: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/soc/intel/alderlake/systemagent.c: 305 in get_dpr_size() ________________________________________________________________________________________________________ *** CID 1490122: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/soc/intel/alderlake/systemagent.c: 305 in get_dpr_size() 299 } 300 uint64_t get_dpr_size(struct device *dev) 301 { 302 uint64_t size; 303 uint32_t dpr_reg = pci_read_config32(dev, DPR_REG); 304 uint32_t size_field = (dpr_reg & MASK_DPR_LENGTH) >> MASK_DPR_LENGTH_LSB; >>> CID 1490122: Integer handling issues (OVERFLOW_BEFORE_WIDEN) >>> Potentially overflowing expression "size_field * 1048576U" with type >>> "unsigned int" (32 bits, unsigned) is evaluated using 32-bit arithmetic, >>> and then used in a context that expects an expression of type "uint64_t" >>> (64 bits, unsigned). 305 size = size_field * MiB; 306 return size; ** CID 1490121: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/soc/intel/alderlake/systemagent.c: 254 in get_dsm_size() ________________________________________________________________________________________________________ *** CID 1490121: Integer handling issues (OVERFLOW_BEFORE_WIDEN) /src/soc/intel/alderlake/systemagent.c: 254 in get_dsm_size() 248 uint32_t reg32 = pci_read_config32(dev, GGC); 249 uint64_t size; 250 uint32_t size_field = (reg32 & MASK_DSM_LENGTH) >> MASK_DSM_LENGTH_LSB; 251 if (size_field <= 0x10) { // 0x0 - 0x10 252 size = size_field * 32 * MiB; 253 } else if ((size_field >= 0xF0) && (size_field >= 0xFE)) { >>> CID 1490121: Integer handling issues (OVERFLOW_BEFORE_WIDEN) >>> Potentially overflowing expression "(size_field - 239U) * 4U * >>> 1048576U" with type "unsigned int" (32 bits, unsigned) is evaluated using >>> 32-bit arithmetic, and then used in a context that expects an expression of >>> type "uint64_t" (64 bits, unsigned). 254 size = (size_field - 0xEF) * 4 * MiB; 255 } else { 256 switch (size_field) { 257 case 0x20: 258 size = 1 * GiB; 259 break; ** CID 1490120: Resource leaks (RESOURCE_LEAK) /payloads/libpayload/tests/libcbfs/cbfs-verification-test.c: 217 in test_cbfs_map_valid_hash_impl() ________________________________________________________________________________________________________ *** CID 1490120: Resource leaks (RESOURCE_LEAK) /payloads/libpayload/tests/libcbfs/cbfs-verification-test.c: 217 in test_cbfs_map_valid_hash_impl() 211 mapping = cbfs_map(TEST_DATA_1_FILENAME, &size); 212 assert_non_null(mapping); 213 assert_int_equal(TEST_DATA_1_SIZE, size); 214 assert_memory_equal(test_data_1, mapping, size); 215 cbfs_unmap(mapping); 216 } >>> CID 1490120: Resource leaks (RESOURCE_LEAK) >>> Variable "mapping" going out of scope leaks the storage it points to. 217 } 218 219 static void test_cbfs_map_valid_hash(void **state) 220 { 221 test_cbfs_map_valid_hash_impl(state, false); 222 } ________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq2SfQfrHt3Prsn4qSLrYIrajINpiFX8l0vrlNSf8iCrS27qY0Cr0DkycwNUgGZJj8-3DW7qS_L-2FDzr14mnrsJO5b1wX1hp9b1MAQygl7x-2B74RAaH2cn2Lam0iRksDuu5wAM5HDg-2F0Km-2BOQSxCQoSjtAAEv13lgotKuXqhnEPXEcqqAj-2FLR-2F1GI2ARdV7g4VEHXHn-2B2myeaPjBQAzDAEfVGoDTaiEHiIPNVxwrMnqW7neCX-2FftVZbsFDREOFnrJelU3vgsMYOx1SBsknWA10fBtAkGGnSn6Q-3D-3D _______________________________________________ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org