Hi,
Please find the latest report on new defect(s) introduced to coreboot found
with Coverity Scan.
3 new defect(s) introduced to coreboot found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1381814: (BUFFER_SIZE)
/src/soc/intel/cannonlake/chip.c: 253 in platform_fsp_silicon_init_params_cb()
/src/soc/intel/cannonlake/chip.c: 255 in platform_fsp_silicon_init_params_cb()
________________________________________________________________________________________________________
*** CID 1381814: (BUFFER_SIZE)
/src/soc/intel/cannonlake/chip.c: 253 in platform_fsp_silicon_init_params_cb()
247
248 /* PCI Express */
249 for (i = 0; i < ARRAY_SIZE(config->PcieClkSrcUsage); i++) {
250 if (config->PcieClkSrcUsage[i] == 0)
251 config->PcieClkSrcUsage[i] = PCIE_CLK_NOTUSED;
252 }
>>> CID 1381814: (BUFFER_SIZE)
>>> You might overrun the 16 byte destination string
>>> "params->PcieClkSrcUsage" by writing the maximum 24 bytes from
>>> "config->PcieClkSrcUsage".
253 memcpy(params->PcieClkSrcUsage, config->PcieClkSrcUsage,
254 sizeof(config->PcieClkSrcUsage));
255 memcpy(params->PcieClkSrcClkReq, config->PcieClkSrcClkReq,
256 sizeof(config->PcieClkSrcClkReq));
257
258 /* eMMC and SD */
/src/soc/intel/cannonlake/chip.c: 255 in platform_fsp_silicon_init_params_cb()
249 for (i = 0; i < ARRAY_SIZE(config->PcieClkSrcUsage); i++) {
250 if (config->PcieClkSrcUsage[i] == 0)
251 config->PcieClkSrcUsage[i] = PCIE_CLK_NOTUSED;
252 }
253 memcpy(params->PcieClkSrcUsage, config->PcieClkSrcUsage,
254 sizeof(config->PcieClkSrcUsage));
>>> CID 1381814: (BUFFER_SIZE)
>>> You might overrun the 16 byte destination string
>>> "params->PcieClkSrcClkReq" by writing the maximum 24 bytes from
>>> "config->PcieClkSrcClkReq".
255 memcpy(params->PcieClkSrcClkReq, config->PcieClkSrcClkReq,
256 sizeof(config->PcieClkSrcClkReq));
257
258 /* eMMC and SD */
259 params->ScsEmmcEnabled = config->ScsEmmcEnabled;
260 params->ScsEmmcHs400Enabled = config->ScsEmmcHs400Enabled;
** CID 1381813: Memory - corruptions (OVERRUN)
/src/soc/intel/cannonlake/chip.c: 253 in platform_fsp_silicon_init_params_cb()
________________________________________________________________________________________________________
*** CID 1381813: Memory - corruptions (OVERRUN)
/src/soc/intel/cannonlake/chip.c: 253 in platform_fsp_silicon_init_params_cb()
247
248 /* PCI Express */
249 for (i = 0; i < ARRAY_SIZE(config->PcieClkSrcUsage); i++) {
250 if (config->PcieClkSrcUsage[i] == 0)
251 config->PcieClkSrcUsage[i] = PCIE_CLK_NOTUSED;
252 }
>>> CID 1381813: Memory - corruptions (OVERRUN)
>>> Overrunning array "params->PcieClkSrcUsage" of 16 bytes by passing it
>>> to a function which accesses it at byte offset 23 using argument "24UL".
>>> [Note: The source code implementation of the function has been overridden
>>> by a builtin model.]
253 memcpy(params->PcieClkSrcUsage, config->PcieClkSrcUsage,
254 sizeof(config->PcieClkSrcUsage));
255 memcpy(params->PcieClkSrcClkReq, config->PcieClkSrcClkReq,
256 sizeof(config->PcieClkSrcClkReq));
257
258 /* eMMC and SD */
** CID 1381812: Memory - corruptions (OVERRUN)
/src/soc/intel/cannonlake/chip.c: 255 in platform_fsp_silicon_init_params_cb()
________________________________________________________________________________________________________
*** CID 1381812: Memory - corruptions (OVERRUN)
/src/soc/intel/cannonlake/chip.c: 255 in platform_fsp_silicon_init_params_cb()
249 for (i = 0; i < ARRAY_SIZE(config->PcieClkSrcUsage); i++) {
250 if (config->PcieClkSrcUsage[i] == 0)
251 config->PcieClkSrcUsage[i] = PCIE_CLK_NOTUSED;
252 }
253 memcpy(params->PcieClkSrcUsage, config->PcieClkSrcUsage,
254 sizeof(config->PcieClkSrcUsage));
>>> CID 1381812: Memory - corruptions (OVERRUN)
>>> Overrunning array "params->PcieClkSrcClkReq" of 16 bytes by passing it
>>> to a function which accesses it at byte offset 23 using argument "24UL".
>>> [Note: The source code implementation of the function has been overridden
>>> by a builtin model.]
255 memcpy(params->PcieClkSrcClkReq, config->PcieClkSrcClkReq,
256 sizeof(config->PcieClkSrcClkReq));
257
258 /* eMMC and SD */
259 params->ScsEmmcEnabled = config->ScsEmmcEnabled;
260 params->ScsEmmcHs400Enabled = config->ScsEmmcHs400Enabled;
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbLuoVetFLSjdonCi1EjfHRqWGQvojmmkYaBE-2BPJiTQvQ-3D-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5ZzxlCC53biWvXCrHFNOQlnVOlrU4CVBR2RK94Xf-2FaRUCJHU4ZPJp4Bd4KN2smVQ6l345TAY3xv-2BI6hrkM6LgsM9D500rSvv9nWC7vi5ddEtVsZ4VsB-2BoVdgoRNyoMNw3pPqSdp6DjOwYWxAnvHzLionXz7CaNZ3E6K6gRdkfu-2FImNIo8kuH-2B-2F45t5m677Zjtk-3D
To manage Coverity Scan email notifications for "coreboot@coreboot.org", click
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4e-2BpBzwOa5gzBZa9dWpDbzfofODnVj1enK2UkK0-2BgCCqfkfgGF5ECMwHI0-2FVznrU953Dvw3Ddjop950pccFQ-2Br0qaXkQSgAjbZsF6g7Yem3Y-3D_q4bX76XMySz3BXBlWr5fXXJ4cvAsgEXEqC7dBPM7O5ZzxlCC53biWvXCrHFNOQlnuW18TdHOYeUfiPDpGtbjTaoeLfx1Irou9uCLB6iXJe0P8QxuANZUBbNTCKujuURZYgH-2BstMeX41UFSyVrvLlJTrUphhvht9BCtUQllt7kNt5JbDXXdnfBAXOKmAYiK-2FpqFxwaozOw2p3dHre8d2X-2BoxkFBsBok278U7w6Cn6oa8-3D
--
coreboot mailing list: coreboot@coreboot.org
https://mail.coreboot.org/mailman/listinfo/coreboot
