On Mon, Sep 06, 2021 at 05:05:40PM +0300, Oleh Kravchenko wrote: > Hello Tom! > > Looks like it a false positive detection. > info and dev_desc are validated in few lines above: > > 609 | if (!info.name[0] && > 610 | fastboot_mmc_get_part_info(cmd, &dev_desc, &info, response) > < 0) > 611 | return;
Thanks for reviewing! I've updated the CIDs.
>
> 30.08.21 20:39, Tom Rini пише:
>
> > Hey all,
> >
> > Here's the latest report.
> >
> > ----- Forwarded message from scan-ad...@coverity.com -----
> >
> > Date: Mon, 30 Aug 2021 16:58:54 +0000 (UTC)
> > From: scan-ad...@coverity.com
> > To: tom.r...@gmail.com
> > Subject: New Defects reported by Coverity Scan for Das U-Boot
> >
> > Hi,
> >
> > Please find the latest report on new defect(s) introduced to Das U-Boot
> > found with Coverity Scan.
> >
> > 2 new defect(s) introduced to Das U-Boot found with Coverity Scan.
> >
> >
> > New defect(s) Reported-by: Coverity Scan
> > Showing 2 of 2 defect(s)
> >
> >
> > ** CID 338648: Memory - illegal accesses (UNINIT)
> > /drivers/fastboot/fb_mmc.c: 618 in fastboot_mmc_flash_write()
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 338648: Memory - illegal accesses (UNINIT)
> > /drivers/fastboot/fb_mmc.c: 618 in fastboot_mmc_flash_write()
> > 612
> > 613 if (is_sparse_image(download_buffer)) {
> > 614 struct fb_mmc_sparse sparse_priv;
> > 615 struct sparse_storage sparse;
> > 616 int err;
> > 617
> >>>> CID 338648: Memory - illegal accesses (UNINIT)
> >>>> Using uninitialized value "dev_desc".
> > 618 sparse_priv.dev_desc = dev_desc;
> > 619
> > 620 sparse.blksz = info.blksz;
> > 621 sparse.start = info.start;
> > 622 sparse.size = info.size;
> > 623 sparse.write = fb_mmc_sparse_write;
> >
> > ** CID 338647: Integer handling issues (DIVIDE_BY_ZERO)
> >
> >
> > ________________________________________________________________________________________________________
> > *** CID 338647: Integer handling issues (DIVIDE_BY_ZERO)
> > /drivers/fastboot/fb_mmc.c: 631 in fastboot_mmc_flash_write()
> > 625 sparse.mssg = fastboot_fail;
> > 626
> > 627 printf("Flashing sparse image at offset " LBAFU "\n",
> > 628 sparse.start);
> > 629
> > 630 sparse.priv = &sparse_priv;
> >>>> CID 338647: Integer handling issues (DIVIDE_BY_ZERO)
> >>>> In function call "write_sparse_image", division by expression
> >>>> "sparse.blksz" which may be zero has undefined behavior.
> > 631 err = write_sparse_image(&sparse, cmd, download_buffer,
> > 632 response);
> > 633 if (!err)
> > 634 fastboot_okay(NULL, response);
> > 635 } else {
> > 636 write_raw_image(dev_desc, &info, cmd, download_buffer,
> >
> >
> > ________________________________________________________________________________________________________
> > To view the defects in Coverity Scan visit,
> > https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yoA22WlOQ-2By3ieUvdbKmOyw68TMVT4Kip-2BBzfOGWXJ5yIiYplmPF9KAnKIja4Zd7tU-3DB0R5_EEm8SbLgSDsaDZif-2Bv7ch8WqhKpLoKErHi4nXpwDNTsWpxO-2FB72i0SdTN3-2BHFJyiYovM6CPwd6hE024NqoJv2G1PZTeHMVC9jxFLJgI9alL1SVy-2FumNUJ7wQLM0LhmayO628LnXGSp6-2BQxL8eWMnX8DfYwdG1iiYjTCUb6p6N4KZqayMpDRL0dNo-2FZrxTT-2FAz2SR1H1kktB9lp0iaajH-2BQ-3D-3D
> >
> > To manage Coverity Scan email notifications for "tom.r...@gmail.com",
> > click
> > https://u15810271.ct.sendgrid.net/ls/click?upn=HRESupC-2F2Czv4BOaCWWCy7my0P0qcxCbhZ31OYv50yped04pjJnmXOsUBtKYNIXxWeIHzDeopm-2BEWQ6S6K-2FtUHv9ZTk8qZbuzkkz9sa-2BJFw4elYDyedRVZOC-2ButxjBZdouVmTGuWB6Aj6G7lm7t25-2Biv1B-2B9082pHzCCex2kqMs-3DiOdo_EEm8SbLgSDsaDZif-2Bv7ch8WqhKpLoKErHi4nXpwDNTsWpxO-2FB72i0SdTN3-2BHFJyiTVHAVBb1e5w6-2BMjbd4JHjfrBraKGFtJ28aslex2Dq-2BGKoKqFa9LXDqSXKh1T4x2FIG8bOrMBw8qOG48BL8SGCU5Fh4Mz3heVvRktq2Dv-2Bu-2Fb8WoqCxYHUiUWEtrXPETG439ARsKn2eC80b78pwPIaQ-3D-3D
> >
> >
> > ----- End forwarded message -----
> >
--
Tom
signature.asc
Description: PGP signature
