[coreboot] New Defects reported by Coverity Scan for coreboot

Tue, 11 Oct 2022 07:11:39 -0700 

Hi,

Please find the latest report on new defect(s) introduced to coreboot found 
with Coverity Scan.

1 new defect(s) introduced to coreboot found with Coverity Scan.


New defect(s) Reported-by: Coverity Scan
Showing 1 of 1 defect(s)


** CID 1498959:    (STRING_OVERFLOW)
/src/mainboard/prodrive/hermes/mainboard.c: 183 in format_pn()
/src/mainboard/prodrive/hermes/mainboard.c: 182 in format_pn()


________________________________________________________________________________________________________
*** CID 1498959:    (STRING_OVERFLOW)
/src/mainboard/prodrive/hermes/mainboard.c: 183 in format_pn()
177             static char buffer[32 + HERMES_SN_PN_LENGTH] = { 0 };
178     
179             const char *part_num = eeprom_read_serial(offset, "N/A");
180     
181             memset(buffer, 0, sizeof(buffer));
182             strcpy(buffer, prefix);
>>>     CID 1498959:    (STRING_OVERFLOW)
>>>     You might overrun the 64-character fixed-size string "buffer + 
>>> strlen(prefix)" by copying "part_num" without checking the length.
183             strcpy(buffer + strlen(prefix), part_num);
184     
185             return buffer;
186     }
187     
188     static void mainboard_smbios_strings(struct device *dev, struct 
smbios_type11 *t)
/src/mainboard/prodrive/hermes/mainboard.c: 182 in format_pn()
176     {
177             static char buffer[32 + HERMES_SN_PN_LENGTH] = { 0 };
178     
179             const char *part_num = eeprom_read_serial(offset, "N/A");
180     
181             memset(buffer, 0, sizeof(buffer));
>>>     CID 1498959:    (STRING_OVERFLOW)
>>>     You might overrun the 64-character fixed-size string "buffer" by 
>>> copying "prefix" without checking the length.
182             strcpy(buffer, prefix);
183             strcpy(buffer + strlen(prefix), part_num);
184     
185             return buffer;
186     }
187     


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, 
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq2SfQfrHt3Prsn4qSLrYIrajINpiFX8l0vrlNSf8iCrS27qY0Cr0DkycwNUgGZJj8-3Dc0zX_L-2FDzr14mnrsJO5b1wX1hp9b1MAQygl7x-2B74RAaH2cn0O8XnxtguZSOi4NfDRwpauwwdMzsG3vr2IJiLAI-2Bt7F9f-2BnG8ItElihfyrdkiaj1JXx9eWYpks8KeukejOsafy8blQ-2FRrEmprsfwicJf75TtFFEEaVNMgTeLblgnd-2BXk2XkvmVv5Kb2THogsIFh4qfEfwHK9MkIyc7qKBYuu8dxg-3D-3D

_______________________________________________
coreboot mailing list -- [email protected]
To unsubscribe send an email to [email protected]

Reply via email to