Hey all,

Unfortunately it looks like Coverity scan no longer generates the email report with code snippets and only sends me a high level report now. So, the latest report is visible only to project members when logged in, and is: https://scan8.scan.coverity.com/#/project-view/22486/10710

So I'm making my own summary and either explaining what the problem is, or copy/pasting from the viewer.

This has 3 new defects. Two of them are in drivers/video/console_rotate.c, in the console_putc_xy_1 and console_putc_xy_3 functions, noting that height/width arguments are reversed in the return line call to video_damage. On looking at the code, I think x/y are as well and maybe this is intentional but not clearly commented enough?

The third defect is in boot/bootm_os.c, in the do_bootm_efi function:

503         /* Run EFI image */
504         printf("## Transferring control to EFI (at address %08lx) ...\n",
505                images->os.image_start);
506         bootstage_mark(BOOTSTAGE_ID_RUN_OS);
507
    2. Condition images->ft_len, taking true branch.
    3. function_return: Function efi_binary_run(image_buf, images->os.image_len, (images->ft_len ? images->ft_addr : NULL), (void *)images->initrd_start, (size_t)(images->initrd_end - images->initrd_start)) returns -9223372036854775799.
CID 550810: (#1 of 1): Overflowed constant (INTEGER_OVERFLOW)
    4. overflow_const: Expression ret, where efi_binary_run(image_buf, images->os.image_len, (images->ft_len ? images->ft_addr : NULL), (void *)images->initrd_start, (size_t)(images->initrd_end - images->initrd_start)) is known to be equal to 9223372036854775817, overflows the type of ret, which is type int.
508         ret = efi_binary_run(image_buf, images->os.image_len,
509                              images->ft_len
510                              ? images->ft_addr : EFI_FDT_USE_INTERNAL,
511                              (void *)images->initrd_start,
512                              (size_t)(images->initrd_end - images->initrd_start));
513
514         return ret;

-- 
Tom
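
An added example, not part of the original message and not U-Boot code: it shows what happens when the value from the CID 550810 report, 9223372036854775817, is stored in an int, next to one explicit conversion that keeps the error visible. The names status_t, STATUS_ERROR_BIT, truncating_assign and status_to_int are hypothetical, and the example assumes a 64-bit unsigned status whose top bit marks an error, which is what the reported value looks like.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Assumption: 64-bit unsigned status, top bit set means "error". */
typedef uint64_t status_t;                 /* hypothetical stand-in type */
#define STATUS_ERROR_BIT (UINT64_C(1) << 63)

/* The value Coverity says the call can return (2^63 + 9). */
#define REPORTED_STATUS UINT64_C(9223372036854775817)

/*
 * Mirrors "int ret = <64-bit status>;". The result is implementation-
 * defined in C; gcc and clang keep the low 32 bits, so the error bit
 * is dropped and only the low-order code survives.
 */
static int truncating_assign(status_t st)
{
	return (int)st;
}

/*
 * Hypothetical explicit conversion: 0 for success, negative for any
 * status with the error bit set, positive for other non-zero statuses.
 * Codes that do not fit in an int are clamped instead of wrapped.
 */
static int status_to_int(status_t st)
{
	status_t code = st & ~STATUS_ERROR_BIT;
	int clamped = code > INT_MAX ? INT_MAX : (int)code;

	if (st & STATUS_ERROR_BIT)
		return clamped ? -clamped : -1; /* never report an error as 0 */
	return clamped;
}

int main(void)
{
	printf("truncated: %d\n", truncating_assign(REPORTED_STATUS));
	printf("converted: %d\n", status_to_int(REPORTED_STATUS));
	return 0;
}
```

With the truncating assignment the stored value is a small positive number that no longer carries the top bit of the original status.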