Fwd: New Defects reported by Coverity Scan for Das U-Boot

---------- Forwarded message ---------
From: scan-admin@coverity.com
Date: Mon, Feb 13, 2023, 6:50 PM
Subject: New Defects reported by Coverity Scan for Das U-Boot
To: tom.rini@gmail.com

Hi,
Please find the latest report on new defect(s) introduced to Das U-Boot found with Coverity Scan.
2 new defect(s) introduced to Das U-Boot found with Coverity Scan. 3 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)

** CID 436073: Resource leaks (RESOURCE_LEAK)
/tools/proftool.c: 1853 in make_flamegraph()

________________________________________________________________________________________________________
*** CID 436073: Resource leaks (RESOURCE_LEAK)
/tools/proftool.c: 1853 in make_flamegraph()
1847
1848         if (make_flame_tree(out_format, &tree))
1849             return -1;
1850
1851         *str = '\0';
1852         if (output_tree(fout, out_format, tree, str, sizeof(str), 0))
    CID 436073: Resource leaks (RESOURCE_LEAK)
    Variable "tree" going out of scope leaks the storage it points to.
1853             return -1;
1854
1855         return 0;
1856     }
1857
1858     /**

** CID 436072: Insecure data handling (TAINTED_SCALAR)

________________________________________________________________________________________________________
*** CID 436072: Insecure data handling (TAINTED_SCALAR)
/tools/proftool.c: 515 in read_trace()
509             switch (hdr.type) {
510             case TRACE_CHUNK_FUNCS:
511                 /* Ignored at present */
512                 break;
513
514             case TRACE_CHUNK_CALLS:
    CID 436072: Insecure data handling (TAINTED_SCALAR)
    Passing tainted expression "hdr.rec_count" to "read_calls", which uses it as an allocation size.
515                 if (read_calls(fin, hdr.rec_count))
516                     return 1;
517                 break;
518             }
519         }
520         return 0;