Hi,
Please find the latest report on new defect(s) introduced to coreboot found
with Coverity Scan.
105 new defect(s) introduced to coreboot found with Coverity Scan.
2 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent
build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 20 of 105 defect(s)
** CID 1429780: Uninitialized variables (UNINIT)
________________________________________________________________________________________________________
*** CID 1429780: Uninitialized variables (UNINIT)
/src/mainboard/dell/optiplex_9010/sch5545_ec.c: 618 in sch5545_ec_hwm_init()
612
613 printk(BIOS_DEBUG, "%s\n", __func__);
614 sch5545_emi_init(0x2e);
615
616 chassis_type = get_chassis_type();
617
>>> CID 1429780: Uninitialized variables (UNINIT)
>>> Using uninitialized value "val" when calling "ec_read_write_reg".
618 ec_read_write_reg(EC_HWM_LDN, 0x0048, &val, READ_OP);
619 ec_read_write_reg(EC_HWM_LDN, 0x0048, &val, WRITE_OP);
620 ec_read_write_reg(EC_HWM_LDN, 0x0042, &val, READ_OP);
621 ec_read_write_reg(EC_HWM_LDN, 0x0048, &val, READ_OP);
622 val |= 0x02;
623 ec_read_write_reg(EC_HWM_LDN, 0x0048, &val, WRITE_OP);
** CID 1429772: Uninitialized variables (UNINIT)
________________________________________________________________________________________________________
*** CID 1429772: Uninitialized variables (UNINIT)
/src/mainboard/dell/optiplex_9010/sch5545_ec.c: 431 in
sch5545_get_ec_fw_version()
425 uint16_t sch5545_get_ec_fw_version(void)
426 {
427 uint8_t val;
428 uint16_t ec_fw_version;
429
430 /* Read the FW version currently loaded used by EC */
>>> CID 1429772: Uninitialized variables (UNINIT)
>>> Using uninitialized value "val" when calling "ec_read_write_reg".
431 ec_read_write_reg(EC_HWM_LDN, 0x2ad, &val, READ_OP);
432 ec_fw_version = (val << 8);
433 ec_read_write_reg(EC_HWM_LDN, 0x2ae, &val, READ_OP);
434 ec_fw_version |= val;
435 ec_read_write_reg(EC_HWM_LDN, 0x2ac, &val, READ_OP);
436 ec_read_write_reg(EC_HWM_LDN, 0x2fd, &val, READ_OP);
** CID 1429765: Uninitialized variables (UNINIT)
________________________________________________________________________________________________________
*** CID 1429765: Uninitialized variables (UNINIT)
/src/mainboard/dell/optiplex_9010/sch5545_ec.c: 512 in
sch5545_ec_hwm_early_init()
506 int i;
507
508 printk(BIOS_DEBUG, "%s\n", __func__);
509
510 ec_check_mbox_and_int_status(0x20, 0x01);
511
>>> CID 1429765: Uninitialized variables (UNINIT)
>>> Using uninitialized value "val" when calling "ec_read_write_reg".
512 ec_read_write_reg(2, 0xcb, &val, READ_OP);
513 ec_read_write_reg(2, 0xb8, &val, READ_OP);
514
515 for (i = 0; i < ARRAY_SIZE(ec_hwm_init_seq); i++) {
516 val = ec_hwm_init_seq[i].val;
517 ec_read_write_reg(EC_HWM_LDN, ec_hwm_init_seq[i].reg,
&val,
** CID 1428711: (OVERRUN)
________________________________________________________________________________________________________
*** CID 1428711: (OVERRUN)
/src/vendorcode/eltan/security/mboot/mboot.c: 431 in mb_crtm()
425 tcgEventHdr.pcrIndex = MBOOT_PCR_INDEX_0;
426 tcgEventHdr.eventType = EV_S_CRTM_VERSION;
427 tcgEventHdr.eventSize = sizeof(crtm_version);
428 printk(BIOS_DEBUG, "%s: EventSize - %u\n", __func__,
429 tcgEventHdr.eventSize);
430
>>> CID 1428711: (OVERRUN)
>>> Overrunning callee's array of size 32 by passing argument
>>> "tcgEventHdr.eventSize" (which evaluates to 67) in call to
>>> "mboot_hash_extend_log".
431 status = mboot_hash_extend_log(0, (uint8_t *)crtm_version,
tcgEventHdr.eventSize,
432 &tcgEventHdr, (uint8_t
*)crtm_version);
433 if (status) {
434 printk(BIOS_DEBUG, "Measure CRTM Version returned
0x%x\n", status);
435 return status;
436 }
/src/mainboard/facebook/fbg1701/romstage.c: 78 in mb_crtm()
72 memset(&tcgEventHdr, 0, sizeof(tcgEventHdr));
73 tcgEventHdr.pcrIndex = MBOOT_PCR_INDEX_0;
74 tcgEventHdr.eventType = EV_S_CRTM_VERSION;
75 tcgEventHdr.eventSize = sizeof(crtm_version);
76 printk(BIOS_DEBUG, "%s: EventSize - %u\n", __func__,
tcgEventHdr.eventSize);
77
>>> CID 1428711: (OVERRUN)
>>> Overrunning callee's array of size 32 by passing argument
>>> "tcgEventHdr.eventSize" (which evaluates to 67) in call to
>>> "mboot_hash_extend_log".
78 status = mboot_hash_extend_log(0, (uint8_t *)crtm_version,
79 tcgEventHdr.eventSize, &tcgEventHdr,
80 (uint8_t *)crtm_version);
81 if (status) {
82 printk(BIOS_DEBUG, "Measure CRTM Version returned 0x%x\n",
status);
83 }
84
85 return status;
86 }
** CID 1419488: Null pointer dereferences (FORWARD_NULL)
________________________________________________________________________________________________________
*** CID 1419488: Null pointer dereferences (FORWARD_NULL)
/src/superio/common/generic.c: 20 in generic_set_resources()
14
15 for (res = dev->resource_list; res; res = res->next) {
16 if (!(res->flags & IORESOURCE_ASSIGNED))
17 continue;
18
19 res->flags |= IORESOURCE_STORED;
>>> CID 1419488: Null pointer dereferences (FORWARD_NULL)
>>> Passing "dev" to "report_resource_stored", which dereferences null
>>> "dev->link_list".
20 report_resource_stored(dev, res, "");
21 }
22 }
23
24 static void generic_read_resources(struct device *dev)
25 {
** CID 1419483: Memory - corruptions (OVERRUN)
/src/vendorcode/eltan/security/verified_boot/vboot_check.c: 85 in
verified_boot_check_manifest()
________________________________________________________________________________________________________
*** CID 1419483: Memory - corruptions (OVERRUN)
/src/vendorcode/eltan/security/verified_boot/vboot_check.c: 85 in
verified_boot_check_manifest()
79 pre->body_signature.data_size =
CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_ITEMS *
80 DIGEST_SIZE;
81 pre->body_signature.sig_offset = sizeof(struct vb2_signature) +
82 pre->body_signature.data_size;
83 pre->body_signature.sig_size = size - pre->body_signature.data_size;
84 sd->workbuf_used += size;
>>> CID 1419483: Memory - corruptions (OVERRUN)
>>> Overrunning struct type vb2_signature of 24 bytes by passing it to a
>>> function which accesses it at byte offset 663 using argument "size" (which
>>> evaluates to 640). [Note: The source code implementation of the function
>>> has been overridden by a builtin model.]
85 memcpy((void *)((void *)&pre->body_signature + (long)sizeof(struct
vb2_signature)),
86 (uint8_t *)CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_LOC, size);
87
88
89 if (vb2api_verify_kernel_data(ctx, (void
*)CONFIG_VENDORCODE_ELTAN_OEM_MANIFEST_LOC,
90 pre->body_signature.data_size))
** CID 1407750: Control flow issues (NO_EFFECT)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 50 in sbi_check_extension()
________________________________________________________________________________________________________
*** CID 1407750: Control flow issues (NO_EFFECT)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 50 in sbi_check_extension()
44 * by checking the feature bits of the platform. We can create a map
45 * between extension ID & feature and use a generic function to check
46 * or just use a switch case for every new extension support added
47 * TODO: Implement it.
48 */
49
>>> CID 1407750: Control flow issues (NO_EFFECT)
>>> This greater-than-or-equal-to-zero comparison of an unsigned value is
>>> always true. "extid >= SBI_EXT_0_1_SET_TIMER".
50 if ((extid >= SBI_EXT_0_1_SET_TIMER &&
51 extid <= SBI_EXT_0_1_SHUTDOWN) || (extid == SBI_EXT_BASE)) {
52 *out_val = 1;
53 } else if (extid >= SBI_EXT_VENDOR_START &&
54 extid <= SBI_EXT_VENDOR_END) {
55 *out_val = sbi_platform_vendor_ext_check(
** CID 1407740: Control flow issues (DEADCODE)
/3rdparty/opensbi/lib/sbi/sbi_trap.c: 131 in sbi_trap_redirect()
________________________________________________________________________________________________________
*** CID 1407740: Control flow issues (DEADCODE)
/3rdparty/opensbi/lib/sbi/sbi_trap.c: 131 in sbi_trap_redirect()
125 hstatus = csr_read(CSR_HSTATUS);
126 hstatus &= ~HSTATUS_SP2P;
127 hstatus |= (regs->mstatus & MSTATUS_SPP) ? HSTATUS_SP2P
: 0;
128 hstatus &= ~HSTATUS_SP2V;
129 hstatus |= (hstatus & HSTATUS_SPV) ? HSTATUS_SP2V : 0;
130 hstatus &= ~HSTATUS_SPV;
>>> CID 1407740: Control flow issues (DEADCODE)
>>> Execution cannot reach the expression "0UL" inside this statement:
>>> "hstatus |= (prev_virt ? 128...".
131 hstatus |= (prev_virt) ? HSTATUS_SPV : 0;
132 hstatus &= ~HSTATUS_STL;
133 hstatus |= (prev_stage2) ? HSTATUS_STL : 0;
134 csr_write(CSR_HSTATUS, hstatus);
135 }
136
** CID 1407737: Error handling issues (CHECKED_RETURN)
/src/drivers/spi/spi_sdcard.c: 357 in spi_sdcard_do_app_command()
________________________________________________________________________________________________________
*** CID 1407737: Error handling issues (CHECKED_RETURN)
/src/drivers/spi/spi_sdcard.c: 357 in spi_sdcard_do_app_command()
351 static int spi_sdcard_do_app_command(const struct spi_sdcard *card,
352 uint8_t cmd,
353 uint32_t argument,
354 uint32_t *out_register)
355 {
356 /* CMD55 */
>>> CID 1407737: Error handling issues (CHECKED_RETURN)
>>> Calling "spi_sdcard_do_command" without checking return value (as is
>>> done elsewhere 15 out of 17 times).
357 spi_sdcard_do_command(card, APP_CMD, 0, NULL);
358 return spi_sdcard_do_command_help(card, 1, cmd, argument,
out_register);
359 }
360
361
362 size_t spi_sdcard_size(const struct spi_sdcard *card)
** CID 1407730: (SWAPPED_ARGUMENTS)
________________________________________________________________________________________________________
*** CID 1407730: (SWAPPED_ARGUMENTS)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 217 in sbi_ecall_handler()
211 } else if (extension_id == SBI_EXT_BASE)
212 ret = sbi_ecall_base_handler(scratch, extension_id,
func_id,
213 args, &out_val,
214 &out_tval, &out_tcause);
215 else if (extension_id >= SBI_EXT_VENDOR_START &&
216 extension_id <= SBI_EXT_VENDOR_END) {
>>> CID 1407730: (SWAPPED_ARGUMENTS)
>>> The positions of arguments in the call to
>>> "sbi_ecall_vendor_ext_handler" do not match the ordering of the parameters:
* "&out_tval" is passed to "out_tcause"
* "&out_tcause" is passed to "out_tval"
217 ret = sbi_ecall_vendor_ext_handler(scratch,
extension_id,
218 func_id, args,
&out_val,
219 &out_tval,
&out_tcause);
220 } else {
221 ret = SBI_ENOTSUPP;
222 }
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 212 in sbi_ecall_handler()
206 if (extension_id >= SBI_EXT_0_1_SET_TIMER &&
207 extension_id <= SBI_EXT_0_1_SHUTDOWN) {
208 ret = sbi_ecall_0_1_handler(scratch, extension_id, args,
209 &out_tval, &out_tcause);
210 is_0_1_spec = 1;
211 } else if (extension_id == SBI_EXT_BASE)
>>> CID 1407730: (SWAPPED_ARGUMENTS)
>>> The positions of arguments in the call to "sbi_ecall_base_handler" do
>>> not match the ordering of the parameters:
* "&out_tval" is passed to "out_tcause"
* "&out_tcause" is passed to "out_tval"
212 ret = sbi_ecall_base_handler(scratch, extension_id,
func_id,
213 args, &out_val,
214 &out_tval, &out_tcause);
215 else if (extension_id >= SBI_EXT_VENDOR_START &&
216 extension_id <= SBI_EXT_VENDOR_END) {
217 ret = sbi_ecall_vendor_ext_handler(scratch,
extension_id,
** CID 1407727: Control flow issues (NO_EFFECT)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 206 in sbi_ecall_handler()
________________________________________________________________________________________________________
*** CID 1407727: Control flow issues (NO_EFFECT)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 206 in sbi_ecall_handler()
200 args[1] = regs->a1;
201 args[2] = regs->a2;
202 args[3] = regs->a3;
203 args[4] = regs->a4;
204 args[5] = regs->a5;
205
>>> CID 1407727: Control flow issues (NO_EFFECT)
>>> This greater-than-or-equal-to-zero comparison of an unsigned value is
>>> always true. "extension_id >= SBI_EXT_0_1_SET_TIMER".
206 if (extension_id >= SBI_EXT_0_1_SET_TIMER &&
207 extension_id <= SBI_EXT_0_1_SHUTDOWN) {
208 ret = sbi_ecall_0_1_handler(scratch, extension_id, args,
209 &out_tval, &out_tcause);
210 is_0_1_spec = 1;
211 } else if (extension_id == SBI_EXT_BASE)
** CID 1407723: Control flow issues (MISSING_BREAK)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 105 in sbi_ecall_base_handler()
________________________________________________________________________________________________________
*** CID 1407723: Control flow issues (MISSING_BREAK)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 105 in sbi_ecall_base_handler()
99 case SBI_EXT_BASE_GET_MARCHID:
100 *out_val = csr_read(CSR_MARCHID);
101 break;
102 case SBI_EXT_BASE_GET_MIMPID:
103 *out_val = csr_read(CSR_MIMPID);
104 break;
>>> CID 1407723: Control flow issues (MISSING_BREAK)
>>> The case for value "SBI_EXT_BASE_PROBE_EXT" is not terminated by a
>>> 'break' statement.
105 case SBI_EXT_BASE_PROBE_EXT:
106 ret = sbi_check_extension(scratch, args[0], out_val);
107 default:
108 ret = SBI_ENOTSUPP;
109 }
110
** CID 1407720: (RESOURCE_LEAK)
/src/lib/bootsplash.c: 37 in set_bootsplash()
/src/lib/bootsplash.c: 40 in set_bootsplash()
________________________________________________________________________________________________________
*** CID 1407720: (RESOURCE_LEAK)
/src/lib/bootsplash.c: 37 in set_bootsplash()
31 decdata = malloc(sizeof(*decdata));
32 int ret = jpeg_decode(jpeg, framebuffer, x_resolution, y_resolution,
fb_resolution,
33 decdata);
34 if (ret != 0) {
35 printk(BIOS_ERR, "Bootsplash could not be decoded. jpeg_decode
returned %d.\n",
36 ret);
>>> CID 1407720: (RESOURCE_LEAK)
>>> Variable "decdata" going out of scope leaks the storage it points to.
37 return;
38 }
39 printk(BIOS_INFO, "Bootsplash loaded\n");
/src/lib/bootsplash.c: 40 in set_bootsplash()
34 if (ret != 0) {
35 printk(BIOS_ERR, "Bootsplash could not be decoded. jpeg_decode
returned %d.\n",
36 ret);
37 return;
38 }
39 printk(BIOS_INFO, "Bootsplash loaded\n");
>>> CID 1407720: (RESOURCE_LEAK)
>>> Variable "decdata" going out of scope leaks the storage it points to.
** CID 1407713: Uninitialized variables (UNINIT)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 238 in sbi_ecall_handler()
________________________________________________________________________________________________________
*** CID 1407713: Uninitialized variables (UNINIT)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 238 in sbi_ecall_handler()
232 * accordingly for now. Once fatal errors are defined,
that
233 * case should be handled differently.
234 */
235 regs->mepc += 4;
236 regs->a0 = ret;
237 if (!is_0_1_spec)
>>> CID 1407713: Uninitialized variables (UNINIT)
>>> Using uninitialized value "out_val".
238 regs->a1 = out_val;
239 }
240
241 return 0;
** CID 1407708: Code maintainability issues (UNUSED_VALUE)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 106 in sbi_ecall_base_handler()
________________________________________________________________________________________________________
*** CID 1407708: Code maintainability issues (UNUSED_VALUE)
/3rdparty/opensbi/lib/sbi/sbi_ecall.c: 106 in sbi_ecall_base_handler()
100 *out_val = csr_read(CSR_MARCHID);
101 break;
102 case SBI_EXT_BASE_GET_MIMPID:
103 *out_val = csr_read(CSR_MIMPID);
104 break;
105 case SBI_EXT_BASE_PROBE_EXT:
>>> CID 1407708: Code maintainability issues (UNUSED_VALUE)
>>> Assigning value from "sbi_check_extension(scratch, args[0], out_val)"
>>> to "ret" here, but that stored value is overwritten before it can be used.
106 ret = sbi_check_extension(scratch, args[0], out_val);
107 default:
108 ret = SBI_ENOTSUPP;
109 }
110
111 return ret;
** CID 1405309: Incorrect expression (COPY_PASTE_ERROR)
/src/superio/common/ssdt.c: 55 in superio_guess_function()
________________________________________________________________________________________________________
*** CID 1405309: Incorrect expression (COPY_PASTE_ERROR)
/src/superio/common/ssdt.c: 55 in superio_guess_function()
49 if (!res || !res->size)
50 continue;
51 for (size_t j = 0; j < ARRAY_SIZE(superio_devs); j++) {
52 for (size_t k = 0; k < 2; k++) {
53 if (!superio_devs[j].irq[k])
54 continue;
>>> CID 1405309: Incorrect expression (COPY_PASTE_ERROR)
>>> "base" in "res->base" looks like a copy-paste error.
55 if (superio_devs[j].irq[k] == res->base)
56 return &superio_devs[j];
57 }
58 }
59 }
60 return NULL;
** CID 1402174: (ARRAY_VS_SINGLETON)
/src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbPcieInitLibV4/PcieWrapperServicesV4.c:
201 in PcieTopologySetLinkReversalV4()
/src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbPcieInitLibV4/PcieWrapperServicesV4.c:
247 in PcieTopologySetLinkReversalV4()
________________________________________________________________________________________________________
*** CID 1402174: (ARRAY_VS_SINGLETON)
/src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbPcieInitLibV4/PcieWrapperServicesV4.c:
201 in PcieTopologySetLinkReversalV4()
195 FALSE,
196 Pcie
197 );
198 }
199 }
200 }
>>> CID 1402174: (ARRAY_VS_SINGLETON)
>>> Using "EngineList" as an array. This might corrupt or misinterpret
>>> adjacent memory locations.
201 EngineList = PcieLibGetNextDescriptor (EngineList);
202 }
203 IDS_HDT_CONSOLE (GNB_TRACE, "PcieTopologySetLinkReversal Exit\n");
/src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbPcieInitLibV4/PcieWrapperServicesV4.c:
247 in PcieTopologySetLinkReversalV4()
241 FALSE,
242 Pcie
243 );
244 }
245 }
246 }
>>> CID 1402174: (ARRAY_VS_SINGLETON)
>>> Using "EngineList" as an array. This might corrupt or misinterpret
>>> adjacent memory locations.
247 EngineList = PcieLibGetNextDescriptor (EngineList);
248 }
249 IDS_HDT_CONSOLE (GNB_TRACE, "PcieTopologySetLinkReversal Exit\n");
** CID 1402170: Memory - corruptions (ARRAY_VS_SINGLETON)
/src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/PcieConfigTN.c: 405
in PcieConfigureGppEnginesLaneAllocationTN()
________________________________________________________________________________________________________
*** CID 1402170: Memory - corruptions (ARRAY_VS_SINGLETON)
/src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbInitTN/PcieConfigTN.c: 405
in PcieConfigureGppEnginesLaneAllocationTN()
399 CoreLaneIndex = 0;
400 PortIdIndex = 0;
401 while (EnginesList != NULL) {
402 PcieConfigResetDescriptorFlags (EnginesList, DESCRIPTOR_ALLOCATED);
403 EnginesList->Type.Port.StartCoreLane = GppLaneConfigurationTable
[ConfigurationId][CoreLaneIndex++];
404 EnginesList->Type.Port.EndCoreLane = GppLaneConfigurationTable
[ConfigurationId][CoreLaneIndex++];
>>> CID 1402170: Memory - corruptions (ARRAY_VS_SINGLETON)
>>> Using "EnginesList" as an array. This might corrupt or misinterpret
>>> adjacent memory locations.
405 EnginesList = PcieLibGetNextDescriptor (EnginesList);
406 }
407 return AGESA_SUCCESS;
408 }
409
410
** CID 1402165: Memory - corruptions (ARRAY_VS_SINGLETON)
/src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/PcieConfigKB.c: 193
in PcieConfigurePcieEnginesLaneAllocation()
________________________________________________________________________________________________________
*** CID 1402165: Memory - corruptions (ARRAY_VS_SINGLETON)
/src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbInitKB/PcieConfigKB.c: 193
in PcieConfigurePcieEnginesLaneAllocation()
187 while (EnginesList != NULL) {
188 if (PcieLibIsPcieEngine (EnginesList)) {
189 PcieConfigResetDescriptorFlags (EnginesList,
DESCRIPTOR_ALLOCATED);
190 EnginesList->Type.Port.StartCoreLane =
PcieLaneConfig->ConfigTable[CoreLaneIndex++];
191 EnginesList->Type.Port.EndCoreLane =
PcieLaneConfig->ConfigTable[CoreLaneIndex++];
192 }
>>> CID 1402165: Memory - corruptions (ARRAY_VS_SINGLETON)
>>> Using "EnginesList" as an array. This might corrupt or misinterpret
>>> adjacent memory locations.
193 EnginesList = PcieLibGetNextDescriptor (EnginesList);
194 }
195 return AGESA_SUCCESS;
196 }
197
198
/*----------------------------------------------------------------------------------------*/
** CID 1402163: (ARRAY_VS_SINGLETON)
/src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbPcieInitLibV1/PcieUtilityLib.c:
496 in PcieUtilGetWrapperLaneBitMap()
/src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbPcieInitLibV1/PcieUtilityLib.c:
496 in PcieUtilGetWrapperLaneBitMap()
________________________________________________________________________________________________________
*** CID 1402163: (ARRAY_VS_SINGLETON)
/src/vendorcode/amd/agesa/f16kb/Proc/GNB/Modules/GnbPcieInitLibV1/PcieUtilityLib.c:
496 in PcieUtilGetWrapperLaneBitMap()
490 if (ExcludeLaneType != 0) {
491 LaneBitmap &= (~PcieUtilGetWrapperLaneBitMap (ExcludeLaneType,
0, Wrapper));
492 }
493 } else {
494 while (EngineList != NULL) {
495 LaneBitmap |= PcieUtilGetEngineLaneBitMap (IncludeLaneType,
ExcludeLaneType, EngineList);
>>> CID 1402163: (ARRAY_VS_SINGLETON)
>>> Using "EngineList" as an array. This might corrupt or misinterpret
>>> adjacent memory locations.
496 EngineList = PcieLibGetNextDescriptor (EngineList);
497 }
498 if ((IncludeLaneType & LANE_TYPE_PCIE_PHY_NATIVE_MASTER_PLL) !=
0) {
499 LaneBitmap |= PcieUtilGetMasterPllLaneBitMap (Wrapper);
500 }
501 if ((ExcludeLaneType & LANE_TYPE_PCIE_PHY_NATIVE_MASTER_PLL) !=
0) {
/src/vendorcode/amd/agesa/f15tn/Proc/GNB/Modules/GnbPcieInitLibV1/PcieUtilityLib.c:
496 in PcieUtilGetWrapperLaneBitMap()
490 if (ExcludeLaneType != 0) {
491 LaneBitmap &= (~PcieUtilGetWrapperLaneBitMap (ExcludeLaneType,
0, Wrapper));
492 }
493 } else {
494 while (EngineList != NULL) {
495 LaneBitmap |= PcieUtilGetEngineLaneBitMap (IncludeLaneType,
ExcludeLaneType, EngineList);
>>> CID 1402163: (ARRAY_VS_SINGLETON)
>>> Using "EngineList" as an array. This might corrupt or misinterpret
>>> adjacent memory locations.
496 EngineList = PcieLibGetNextDescriptor (EngineList);
497 }
498 if ((IncludeLaneType & LANE_TYPE_PCIE_PHY_NATIVE_MASTER_PLL) !=
0) {
499 LaneBitmap |= PcieUtilGetMasterPllLaneBitMap (Wrapper);
500 }
501 if ((ExcludeLaneType & LANE_TYPE_PCIE_PHY_NATIVE_MASTER_PLL) !=
0) {
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq2SfQfrHt3Prsn4qSLrYIrajINpiFX8l0vrlNSf8iCrS27qY0Cr0DkycwNUgGZJj8-3DJBR9_L-2FDzr14mnrsJO5b1wX1hp9b1MAQygl7x-2B74RAaH2cn2G35HqhZUDBhEX-2B26SO32oYElc0jLWw363vT8pKC8wyBJTYxKZ9-2BbugtFQGV37qr7n6Ts6tsSqkNH8WM2QxN1ifei3-2Fh4aRZaT-2BFqf2FrxXzrXaF6ehUyONidkWmI6b9O4q3Lqh5ABHcxiV0SiD09Wwr3Pq051jccrPBWy3ydAcdyXiAMJcMHGwUvnYVb5lnc-3D
_______________________________________________
coreboot mailing list -- coreboot@coreboot.org
To unsubscribe send an email to coreboot-le...@coreboot.org
