Hi Tom, On Wed, 24 Aug 2022 at 05:40, Tom Rini <[email protected]> wrote: > > And here's the most recent one. > > ----- Forwarded message from Tom Rini <[email protected]> ----- > > Date: Wed, 24 Aug 2022 07:38:55 -0400 > From: Tom Rini <[email protected]> > To: [email protected] > Subject: Fwd: New Defects reported by Coverity Scan for Das U-Boot > > ---------- Forwarded message --------- > From: <[email protected]> > Date: Mon, Aug 22, 2022 at 7:07 PM > Subject: New Defects reported by Coverity Scan for Das U-Boot > To: <[email protected]> > > > Hi, > > Please find the latest report on new defect(s) introduced to Das > U-Boot found with Coverity Scan. > > 3 new defect(s) introduced to Das U-Boot found with Coverity Scan. > 2 defect(s), reported by Coverity Scan earlier, were marked fixed in > the recent build analyzed by Coverity Scan. > > New defect(s) Reported-by: Coverity Scan > Showing 3 of 3 defect(s) > > > ** CID 356244: Null pointer dereferences (FORWARD_NULL) > > > ________________________________________________________________________________________________________ > *** CID 356244: Null pointer dereferences (FORWARD_NULL) > /boot/vbe.c: 46 in vbe_find_first_device() > 40 int vbe_find_first_device(struct udevice **devp) > 41 { > 42 uclass_find_first_device(UCLASS_BOOTMETH, devp); > 43 if (*devp && is_vbe(*devp)) > 44 return 0; > 45 > >>> CID 356244: Null pointer dereferences (FORWARD_NULL) > >>> Passing "devp" to "vbe_find_next_device", which dereferences null > >>> "*devp". > 46 return vbe_find_next_device(devp); > 47 } > 48 > 49 int vbe_list(void) > 50 { > 51 struct bootstd_priv *std; > > ** CID 356243: Code maintainability issues (UNUSED_VALUE) > /boot/vbe_simple.c: 237 in bootmeth_vbe_simple_ft_fixup() > > > ________________________________________________________________________________________________________ > *** CID 356243: Code maintainability issues (UNUSED_VALUE) > /boot/vbe_simple.c: 237 in bootmeth_vbe_simple_ft_fixup() > 231 /* > 232 * Ideally we would have driver model support for > fixups, but that does > 233 * not exist yet. It is a step too far to try to do > this before VBE is > 234 * in place. > 235 */ > 236 for (ret = vbe_find_first_device(&dev); dev; > >>> CID 356243: Code maintainability issues (UNUSED_VALUE) > >>> Assigning value from "vbe_find_next_device(&dev)" to "ret" here, but > >>> that stored value is overwritten before it can be used. > 237 ret = vbe_find_next_device(&dev)) { > 238 struct simple_state state; > 239 > 240 if (strcmp("vbe_simple", dev->driver->name)) > 241 continue; > 242 > > ** CID 356242: (TAINTED_SCALAR) > > > ________________________________________________________________________________________________________ > *** CID 356242: (TAINTED_SCALAR) > /test/dm/ofnode.c: 501 in make_ofnode_fdt() > 495 ut_assertok(fdt_end_node(fdt)); > 496 > 497 ut_assert(fdt_begin_node(fdt, "new-mmc") >= 0); > 498 ut_assertok(fdt_end_node(fdt)); > 499 > 500 ut_assertok(fdt_end_node(fdt)); > >>> CID 356242: (TAINTED_SCALAR) > >>> Passing tainted expression "fdt->size_dt_strings" to "fdt_finish", > >>> which uses it as an offset. > 501 ut_assertok(fdt_finish(fdt)); > 502 > 503 return 0; > 504 } > 505 > 506 static int dm_test_ofnode_root(struct unit_test_state *uts) > /test/dm/ofnode.c: 501 in make_ofnode_fdt() > 495 ut_assertok(fdt_end_node(fdt)); > 496 > 497 ut_assert(fdt_begin_node(fdt, "new-mmc") >= 0); > 498 ut_assertok(fdt_end_node(fdt)); > 499 > 500 ut_assertok(fdt_end_node(fdt)); > >>> CID 356242: (TAINTED_SCALAR) > >>> Passing tainted expression "fdt->size_dt_strings" to "fdt_finish", > >>> which uses it as an offset. > 501 ut_assertok(fdt_finish(fdt)); > 502 > 503 return 0; > 504 } > 505 > 506 static int dm_test_ofnode_root(struct unit_test_state *uts) > > > ________________________________________________________________________________________________________ > To view the defects in Coverity Scan visit, > https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoA22WlOQ-2By3ieUvdbKmOyw68TMVT4Kip-2BBzfOGWXJ5yIiYplmPF9KAnKIja4Zd7tU-3Dl_S3_EEm8SbLgSDsaDZif-2Bv7ch8WqhKpLoKErHi4nXpwDNTu-2FviBcJy3TYnkbff9O1lpJB2a065UniCzfVIBu-2Brs6HGPrhp6hp3s-2BQGSVvNSaRsQojbpJAi7kxyFcHZ8aaIeQ0LJlzM2cTXzCCeq8c-2FquCeg4mCmdPzUFdWUhBcgytnExm8LYbWctf-2B-2BcK49gD2uvdO0dVdoZGeFYKdAJZGcKrg-3D-3D > > To manage Coverity Scan email notifications for > "[email protected]", click > https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxWeIHzDeopm-2BEWQ6S6K-2FtUHv9ZTk8qZbuzkkz9sa-2BJFzf226DuRd-2B2ygQlLnerl-2BA3jN1AOYejXZ-2FNZ62waJHedPFGpqqjTx8fawy9KPJBno-3D0xWA_EEm8SbLgSDsaDZif-2Bv7ch8WqhKpLoKErHi4nXpwDNTu-2FviBcJy3TYnkbff9O1lpJ8fYfPhPSMWru8G5g0hjYD2lP6GfXdRYLDay-2BEZMB4nffrqxFwC3P84QsfDGYYlZb-2Fv2AYdsgvSvu2gEihe-2BP8O4Khh9gLeVsBYy-2Bps2buInswpEo43c-2B1-2FHNkYpmMXLe6-2FNHIyvt0clj7kDSbeyOqA-3D-3D >
OK I have it on my list...currently trying to get the VBE stuff finished for osfc in 10 days. Regards, Simon
