Hi,
Please find the latest report on new defect(s) introduced to coreboot found
with Coverity Scan.
106 new defect(s) introduced to coreboot found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent
build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 106 defect(s)
** CID 1429780: Uninitialized variables (UNINIT)
*** CID 1429780: Uninitialized variables (UNINIT)
/src/mainboard/dell/optiplex_9010/sch5545_ec.c: 619 in sch5545_ec_hwm_init()
613
614 printk(BIOS_DEBUG, "%s\n", __func__);
615 sch5545_emi_init(0x2e);
616
617 chassis_type = get_chassis_type();
618
>>> CID 1429780: Uninitialized variables (UNINIT)
>>> Using uninitialized value "val" when calling "ec_read_write_reg".
619 ec_read_write_reg(EC_HWM_LDN, 0x0048, &val, READ_OP);
620 ec_read_write_reg(EC_HWM_LDN, 0x0048, &val, WRITE_OP);
621 ec_read_write_reg(EC_HWM_LDN, 0x0042, &val, READ_OP);
622 ec_read_write_reg(EC_HWM_LDN, 0x0048, &val, READ_OP);
623 val |= 0x02;
624 ec_read_write_reg(EC_HWM_LDN, 0x0048, &val, WRITE_OP);
** CID 1429772: Uninitialized variables (UNINIT)
*** CID 1429772: Uninitialized variables (UNINIT)
/src/mainboard/dell/optiplex_9010/sch5545_ec.c: 432 in
sch5545_get_ec_fw_version()
426 uint16_t sch5545_get_ec_fw_version(void)
427 {
428 uint8_t val;
429 uint16_t ec_fw_version;
430
431 /* Read the FW version currently loaded used by EC */
>>> CID 1429772: Uninitialized variables (UNINIT)
>>> Using uninitialized value "val" when calling "ec_read_write_reg".
432 ec_read_write_reg(EC_HWM_LDN, 0x2ad, &val, READ_OP);
433 ec_fw_version = (val << 8);
434 ec_read_write_reg(EC_HWM_LDN, 0x2ae, &val, READ_OP);
435 ec_fw_version |= val;
436 ec_read_write_reg(EC_HWM_LDN, 0x2ac, &val, READ_OP);
437 ec_read_write_reg(EC_HWM_LDN, 0x2fd, &val, READ_OP);
** CID 1429765: Uninitialized variables (UNINIT)
*** CID 1429765: Uninitialized variables (UNINIT)
/src/mainboard/dell/optiplex_9010/sch5545_ec.c: 513 in
sch5545_ec_hwm_early_init()
507 int i;
508
509 printk(BIOS_DEBUG, "%s\n", __func__);
510
511 ec_check_mbox_and_int_status(0x20, 0x01);
512
>>> CID 1429765: Uninitialized variables (UNINIT)
>>> Using uninitialized value "val" when calling "ec_read_write_reg".
513 ec_read_write_reg(2, 0xcb, &val, READ_OP);
514 ec_read_write_reg(2, 0xb8, &val, READ_OP);
515
516 for (i = 0; i < ARRAY_SIZE(ec_hwm_init_seq); i++) {
517 val = ec_hwm_init_seq[i].val;
518 ec_read_write_reg(EC_HWM_LDN, ec_hwm_init_seq[i].reg,
&val,
** CID 1428711:(OVERRUN)
*** CID 1428711:(OVERRUN)
/src/vendorcode/eltan/security/mboot/mboot.c: 431 in mb_crtm()
425 tcgEventHdr.pcrIndex = MBOOT_PCR_INDEX_0;
426 tcgEventHdr.eventType = EV_S_CRTM_VERSION;
427 tcgEventHdr.eventSize = sizeof(crtm_version);
428 printk(BIOS_DEBUG, "%s: EventSize - %u\n", __func__,
429 tcgEventHdr.eventSize);
430
>>> CID 1428711:(OVERRUN)
>>> Overrunning callee's array of size 32 by passing argument
>>> "tcgEventHdr.eventSize" (which evaluates to 67) in call to
>>> "mboot_hash_extend_log".
431 status = mboot_hash_extend_log(0, (uint8_t *)crtm_version,
tcgEventHdr.eventSize,
432&tcgEventHdr, (uint8_t
*)crtm_version);
433 if (status) {
434 printk(BIOS_DEBUG, "Measure CRTM Version returned
0x%x\n", status);
435 return status;
436 }
/src/mainboard/facebook/fbg1701/romstage.c: 78 in mb_crtm()
72 memset(&tcgEventHdr, 0, sizeof(tcgEventHdr));
73 tcgEventHdr.pcrIndex = MBOOT_PCR_INDEX_0;
74 tcgEventHdr.eventType = EV_S_CRTM_VERSION;
75 tcgEventHdr.eventSize = sizeof(crtm_version);
76 printk(BIOS_DEBUG, "%s: EventSize - %u\n", __func__,
tcgEventHdr.eventSize);
77
>>> CID 1428711:(OVERRUN)
>>> Overrunning callee's array of size 32 by passing argument
>>> "tcgEventHdr.eventSize" (which evaluates to 67) in call to
>>> "mboot_hash_extend_log".
78 status = mboot_hash_extend_log(0, (uint8_t *)crtm_version,
79 tcg