Hi Tom,
On Wed, 24 Aug 2022 at 05:40, Tom Rini trini@konsulko.com wrote:
And here's the most recent one.
----- Forwarded message from Tom Rini tom.rini@gmail.com -----
Date: Wed, 24 Aug 2022 07:38:55 -0400 From: Tom Rini tom.rini@gmail.com To: trini@konsulko.com Subject: Fwd: New Defects reported by Coverity Scan for Das U-Boot
---------- Forwarded message --------- From: scan-admin@coverity.com Date: Mon, Aug 22, 2022 at 7:07 PM Subject: New Defects reported by Coverity Scan for Das U-Boot To: tom.rini@gmail.com
Hi,
Please find the latest report on new defect(s) introduced to Das U-Boot found with Coverity Scan.
3 new defect(s) introduced to Das U-Boot found with Coverity Scan. 2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 3 of 3 defect(s)
** CID 356244: Null pointer dereferences (FORWARD_NULL)
*** CID 356244: Null pointer dereferences (FORWARD_NULL) /boot/vbe.c: 46 in vbe_find_first_device() 40 int vbe_find_first_device(struct udevice **devp) 41 { 42 uclass_find_first_device(UCLASS_BOOTMETH, devp); 43 if (*devp && is_vbe(*devp)) 44 return 0; 45
CID 356244: Null pointer dereferences (FORWARD_NULL) Passing "devp" to "vbe_find_next_device", which dereferences null "*devp".46 return vbe_find_next_device(devp); 47 } 48 49 int vbe_list(void) 50 { 51 struct bootstd_priv *std;
** CID 356243: Code maintainability issues (UNUSED_VALUE) /boot/vbe_simple.c: 237 in bootmeth_vbe_simple_ft_fixup()
*** CID 356243: Code maintainability issues (UNUSED_VALUE) /boot/vbe_simple.c: 237 in bootmeth_vbe_simple_ft_fixup() 231 /* 232 * Ideally we would have driver model support for fixups, but that does 233 * not exist yet. It is a step too far to try to do this before VBE is 234 * in place. 235 */ 236 for (ret = vbe_find_first_device(&dev); dev;
CID 356243: Code maintainability issues (UNUSED_VALUE) Assigning value from "vbe_find_next_device(&dev)" to "ret" here, but that stored value is overwritten before it can be used.237 ret = vbe_find_next_device(&dev)) { 238 struct simple_state state; 239 240 if (strcmp("vbe_simple", dev->driver->name)) 241 continue; 242
** CID 356242: (TAINTED_SCALAR)
*** CID 356242: (TAINTED_SCALAR) /test/dm/ofnode.c: 501 in make_ofnode_fdt() 495 ut_assertok(fdt_end_node(fdt)); 496 497 ut_assert(fdt_begin_node(fdt, "new-mmc") >= 0); 498 ut_assertok(fdt_end_node(fdt)); 499 500 ut_assertok(fdt_end_node(fdt));
CID 356242: (TAINTED_SCALAR) Passing tainted expression "fdt->size_dt_strings" to "fdt_finish", which uses it as an offset.501 ut_assertok(fdt_finish(fdt)); 502 503 return 0; 504 } 505 506 static int dm_test_ofnode_root(struct unit_test_state *uts) /test/dm/ofnode.c: 501 in make_ofnode_fdt() 495 ut_assertok(fdt_end_node(fdt)); 496 497 ut_assert(fdt_begin_node(fdt, "new-mmc") >= 0); 498 ut_assertok(fdt_end_node(fdt)); 499 500 ut_assertok(fdt_end_node(fdt));
CID 356242: (TAINTED_SCALAR) Passing tainted expression "fdt->size_dt_strings" to "fdt_finish", which uses it as an offset.501 ut_assertok(fdt_finish(fdt)); 502 503 return 0; 504 } 505 506 static int dm_test_ofnode_root(struct unit_test_state *uts)
To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0...
To manage Coverity Scan email notifications for "tom.rini@gmail.com", click https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0...
OK I have it on my list...currently trying to get the VBE stuff finished for osfc in 10 days.
Regards, Simon