Hello Ilias,
please, have a look at this warning.
-------- Forwarded Message -------- Subject: New Defects reported by Coverity Scan for Das U-Boot Date: Thu, 18 Jan 2024 14:20:27 +0000 (UTC) From: scan-admin@coverity.com To: xypron.glpk@gmx.de
Hi,
Please find the latest report on new defect(s) introduced to Das U-Boot found with Coverity Scan.
2 new defect(s) introduced to Das U-Boot found with Coverity Scan. 16 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 2 of 2 defect(s)
** CID 478334: Memory - corruptions (OVERRUN)
________________________________________________________________________________________________________ *** CID 478334: Memory - corruptions (OVERRUN) /cmd/eficonfig.c: 534 in eficonfig_create_device_path() 528 p += fp_size; 529 *((struct efi_device_path *)p) = END; 530 531 dp = efi_dp_shorten(dp_volume); 532 if (!dp) 533 dp = dp_volume;
CID 478334: Memory - corruptions (OVERRUN) Overrunning struct type efi_device_path of 4 bytes by passing it to a function which accesses it at byte offset 5 using argument "fp->dp.length" (which evaluates to 6).
534 dp = efi_dp_concat(dp, &fp->dp, false);
How about using
dp = efi_dp_concat(dp, (struct efi_device_path *)fp, false);
Best regards
Heinrich
535 free(buf); 536 537 return dp; 538 } 539 ** CID 478333: Error handling issues (CHECKED_RETURN) /lib/efi_loader/efi_firmware.c: 413 in efi_firmware_set_fmp_state_var()