Fwd: New Defects reported by Coverity Scan for Das U-Boot

23 Jan 2024


      I've now updated to the latest Coverity scan tool and that eliminated
some previous defects and found two new ones:
---------- Forwarded message ---------
From: scan-admin@coverity.com
Date: Mon, Jan 22, 2024 at 6:42 PM
Subject: New Defects reported by Coverity Scan for Das U-Boot
To: tom.rini@gmail.com
Hi,
Please find the latest report on new defect(s) introduced to Das
U-Boot found with Coverity Scan.
2 new defect(s) introduced to Das U-Boot found with Coverity Scan.
8 defect(s), reported by Coverity Scan earlier, were marked fixed in
the recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 478862:  Memory - corruptions  (OVERRUN)
________________________________________________________________________________________________________
*** CID 478862:  Memory - corruptions  (OVERRUN)
/lib/initcall.c: 82 in initcall_run_list()
76      if (ret) {
77              if (CONFIG_IS_ENABLED(EVENT)) {
78                      char buf[60];
79
80                      /* don't worry about buf size as we are dying here */
81                      if (type) {
...
...
...
CID 478862:  Memory - corruptions  (OVERRUN)
Overrunning callee's array of size 15 by passing argument "type" (which evaluates to 255) in call to "event_type_name".

82                              sprintf(buf, "event %d/%s", type,
83                                      event_type_name(type));
84                      } else {
85                              sprintf(buf, "call %p", func);
86                      }
87
** CID 478861:  Memory - corruptions  (OVERRUN)
________________________________________________________________________________________________________
*** CID 478861:  Memory - corruptions  (OVERRUN)
/cmd/nvedit.c: 356 in print_static_flags()
350     static int print_static_flags(const char *var_name, const char *flags,
351                                   void *priv)
352     {
353             enum env_flags_vartype type = env_flags_parse_vartype(flags);
354             enum env_flags_varaccess access =
env_flags_parse_varaccess(flags);
355
...
...
...
CID 478861:  Memory - corruptions  (OVERRUN)
Overrunning callee's array of size 4 by passing argument "access" (which evaluates to 4) in call to "env_flags_get_varaccess_name".

356             printf("\t%-20s %-20s %-20s\n", var_name,
357                     env_flags_get_vartype_name(type),
358                     env_flags_get_varaccess_name(access));
359
360             return 0;
361     }
-- 
Tom

Tom Rini

tags (0)

participants (1)