---------- Forwarded message ---------
From: <scan-ad...@coverity.com>
Date: Mon, Feb 13, 2023, 6:50 PM
Subject: New Defects reported by Coverity Scan for Das U-Boot
To: <tom.r...@gmail.com>


Hi,

Please find the latest report on new defect(s) introduced to Das U-Boot
found with Coverity Scan.

2 new defect(s) introduced to Das U-Boot found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the
recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)


** CID 436073:  Resource leaks  (RESOURCE_LEAK)
/tools/proftool.c: 1853 in make_flamegraph()


________________________________________________________________________________________________________
*** CID 436073:  Resource leaks  (RESOURCE_LEAK)
/tools/proftool.c: 1853 in make_flamegraph()
1847
1848            if (make_flame_tree(out_format, &tree))
1849                    return -1;
1850
1851            *str = '\0';
1852            if (output_tree(fout, out_format, tree, str, sizeof(str),
0))
>>>     CID 436073:  Resource leaks  (RESOURCE_LEAK)
>>>     Variable "tree" going out of scope leaks the storage it points to.
1853                    return -1;
1854
1855            return 0;
1856     }
1857
1858     /**

** CID 436072:  Insecure data handling  (TAINTED_SCALAR)


________________________________________________________________________________________________________
*** CID 436072:  Insecure data handling  (TAINTED_SCALAR)
/tools/proftool.c: 515 in read_trace()
509                     switch (hdr.type) {
510                     case TRACE_CHUNK_FUNCS:
511                             /* Ignored at present */
512                             break;
513
514                     case TRACE_CHUNK_CALLS:
>>>     CID 436072:  Insecure data handling  (TAINTED_SCALAR)
>>>     Passing tainted expression "hdr.rec_count" to "read_calls", which
uses it as an allocation size.
515                             if (read_calls(fin, hdr.rec_count))
516                                     return 1;
517                             break;
518                     }
519             }
520             return 0;


-- 
Tom

Attachment: signature.asc
Description: PGP signature

Reply via email to