Hi,
Please find the latest report on new defect(s) introduced to coreboot found
with Coverity Scan.
3 new defect(s) introduced to coreboot found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 3 of 3 defect(s)
** CID 1447013: Memory - corruptions (OVERRUN)
/tests/lib/memchr-test.c: 72 in test_memchr_last_character_in_string()
________________________________________________________________________________________________________
*** CID 1447013: Memory - corruptions (OVERRUN)
/tests/lib/memchr-test.c: 72 in test_memchr_last_character_in_string()
66
67 static void test_memchr_last_character_in_string(void **state)
68 {
69 void *v1 = memchr(test_data1, '9', test_data1_sz);
70 void *v2 = memchr(&test_data1[test_data1_sz - 2], '9', test_data1_sz);
71 void *v3 = memchr(test_data2, 0xff, test_data2_sz);
>>> CID 1447013: Memory - corruptions (OVERRUN)
>>> Overrunning buffer pointed to by "&test_data2[255UL]" of 256 bytes by
>>> passing it to a function which accesses it at byte offset 510 using
>>> argument "256UL". [Note: The source code implementation of the function has
>>> been overridden by a builtin model.]
72 void *v4 = memchr(&test_data2[test_data2_sz - 1], 0xff, test_data2_sz);
73
74 assert_ptr_equal(v1, v2);
75 assert_ptr_equal(v1, &test_data1[test_data1_sz - 2]);
76
77 assert_ptr_equal(v3, v4);
** CID 1447012: Memory - corruptions (OVERRUN)
/tests/lib/memchr-test.c: 50 in test_memchr_existing_value()
________________________________________________________________________________________________________
*** CID 1447012: Memory - corruptions (OVERRUN)
/tests/lib/memchr-test.c: 50 in test_memchr_existing_value()
44 static const size_t test_data2_sz = sizeof(test_data2);
45
46 static void test_memchr_existing_value(void **state)
47 {
48 /* Test using character string */
49 void *v1 = memchr(test_data1, 'A', test_data1_sz);
>>> CID 1447012: Memory - corruptions (OVERRUN)
>>> Overrunning buffer pointed to by "test_data1 + 26" of 63 bytes by
>>> passing it to a function which accesses it at byte offset 78 using argument
>>> "53UL". [Note: The source code implementation of the function has been
>>> overridden by a builtin model.]
50 void *v2 = memchr(test_data1 + 26, 'A', test_data1_sz - 10);
51
52 assert_non_null(v1);
53 assert_non_null(v2);
54 assert_ptr_equal(v1, v2);
55 assert_ptr_equal(v1, &test_data1[26]);
** CID 1447011: Memory - corruptions (OVERRUN)
/tests/lib/memchr-test.c: 70 in test_memchr_last_character_in_string()
________________________________________________________________________________________________________
*** CID 1447011: Memory - corruptions (OVERRUN)
/tests/lib/memchr-test.c: 70 in test_memchr_last_character_in_string()
64 assert_ptr_equal(v1, &test_data2[0x33]);
65 }
66
67 static void test_memchr_last_character_in_string(void **state)
68 {
69 void *v1 = memchr(test_data1, '9', test_data1_sz);
>>> CID 1447011: Memory - corruptions (OVERRUN)
>>> Overrunning buffer pointed to by "&test_data1[61UL]" of 63 bytes by
>>> passing it to a function which accesses it at byte offset 123 using
>>> argument "63UL". [Note: The source code implementation of the function has
>>> been overridden by a builtin model.]
70 void *v2 = memchr(&test_data1[test_data1_sz - 2], '9', test_data1_sz);
71 void *v3 = memchr(test_data2, 0xff, test_data2_sz);
72 void *v4 = memchr(&test_data2[test_data2_sz - 1], 0xff, test_data2_sz);
73
74 assert_ptr_equal(v1, v2);
75 assert_ptr_equal(v1, &test_data1[test_data1_sz - 2]);
________________________________________________________________________________________________________
To view the defects in Coverity Scan visit,
https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yq2SfQfrHt3Prsn4qSLrYIrajINpiFX8l0vrlNSf8iCrS27qY0Cr0DkycwNUgGZJj8-3D6fxm_L-2FDzr14mnrsJO5b1wX1hp9b1MAQygl7x-2B74RAaH2cn3Tk9e1SJaFU44S8RalEWMO-2FYDlRThY2cfbj5wybyXsWYsCUVDhdRaF5YVl8RSvItGokf9ANxFPH9MH4Tr-2Bk1J32nhiVOF4oGh8gR-2FzU5K5nkbcuRtw-2FDO6TPEJbtUP3dEoEtHL8G3UXT9zszV1n5vr93S1nba-2BYT9A1CWFd32oUhAVIaArm4C8r-2F59lS5qbFY-3D
_______________________________________________
coreboot mailing list -- coreboot@coreboot.org
To unsubscribe send an email to coreboot-le...@coreboot.org
