---------- Forwarded message --------- From: <scan-ad...@coverity.com> Date: Mon, Feb 13, 2023, 6:50 PM Subject: New Defects reported by Coverity Scan for Das U-Boot To: <tom.r...@gmail.com>
Hi,
Please find the latest report on new defect(s) introduced to Das U-Boot
found with Coverity Scan.
2 new defect(s) introduced to Das U-Boot found with Coverity Scan.
3 defect(s), reported by Coverity Scan earlier, were marked fixed in the
recent build analyzed by Coverity Scan.
New defect(s) Reported-by: Coverity Scan
Showing 2 of 2 defect(s)
** CID 436073: Resource leaks (RESOURCE_LEAK)
/tools/proftool.c: 1853 in make_flamegraph()
________________________________________________________________________________________________________
*** CID 436073: Resource leaks (RESOURCE_LEAK)
/tools/proftool.c: 1853 in make_flamegraph()
1847
1848 if (make_flame_tree(out_format, &tree))
1849 return -1;
1850
1851 *str = '\0';
1852 if (output_tree(fout, out_format, tree, str, sizeof(str),
0))
>>> CID 436073: Resource leaks (RESOURCE_LEAK)
>>> Variable "tree" going out of scope leaks the storage it points to.
1853 return -1;
1854
1855 return 0;
1856 }
1857
1858 /**
** CID 436072: Insecure data handling (TAINTED_SCALAR)
________________________________________________________________________________________________________
*** CID 436072: Insecure data handling (TAINTED_SCALAR)
/tools/proftool.c: 515 in read_trace()
509 switch (hdr.type) {
510 case TRACE_CHUNK_FUNCS:
511 /* Ignored at present */
512 break;
513
514 case TRACE_CHUNK_CALLS:
>>> CID 436072: Insecure data handling (TAINTED_SCALAR)
>>> Passing tainted expression "hdr.rec_count" to "read_calls", which
uses it as an allocation size.
515 if (read_calls(fin, hdr.rec_count))
516 return 1;
517 break;
518 }
519 }
520 return 0;
--
Tom
signature.asc
Description: PGP signature
