Hi Heinrich, On Fri, 19 Jan 2024 at 10:56, Heinrich Schuchardt <[email protected]> wrote: > > Hello Ilias, > > please, have a look at this warning. > > > -------- Forwarded Message -------- > Subject: New Defects reported by Coverity Scan for Das U-Boot > Date: Thu, 18 Jan 2024 14:20:27 +0000 (UTC) > From: [email protected] > To: [email protected] > > Hi, > > Please find the latest report on new defect(s) introduced to Das U-Boot > found with Coverity Scan. > > 2 new defect(s) introduced to Das U-Boot found with Coverity Scan. > 16 defect(s), reported by Coverity Scan earlier, were marked fixed in > the recent build analyzed by Coverity Scan. > > New defect(s) Reported-by: Coverity Scan > Showing 2 of 2 defect(s) > > > ** CID 478334: Memory - corruptions (OVERRUN) > > > ________________________________________________________________________________________________________ > *** CID 478334: Memory - corruptions (OVERRUN) > /cmd/eficonfig.c: 534 in eficonfig_create_device_path() > 528 p += fp_size; > 529 *((struct efi_device_path *)p) = END; > 530 531 dp = efi_dp_shorten(dp_volume); > 532 if (!dp) > 533 dp = dp_volume; > >>> CID 478334: Memory - corruptions (OVERRUN) > >>> Overrunning struct type efi_device_path of 4 bytes by passing it to a > >>> function which accesses it at byte offset 5 using argument > >>> "fp->dp.length" (which evaluates to 6). > 534 dp = efi_dp_concat(dp, &fp->dp, false); > > How about using > > dp = efi_dp_concat(dp, (struct efi_device_path *)fp, false);
That looks good. I'll send a patch shortly Thanks /Ilias > > Best regards > > Heinrich > > 535 free(buf); > 536 537 return dp; > 538 } > 539 > ** CID 478333: Error handling issues (CHECKED_RETURN) > /lib/efi_loader/efi_firmware.c: 413 in efi_firmware_set_fmp_state_var() >
