Hi,

Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan.

Defect Details

** CID 472149:       Integer handling issues  (NEGATIVE_RETURNS)


_____________________________________________________________________________________________
*** CID 472149:         Integer handling issues  (NEGATIVE_RETURNS)
/lib/psci/psci_main.c: 300             in psci_affinity_info()
294     	 * - the cluster was removed from coherency as part of the CPU shutdown
295     	 *
296     	 * In this case the cache maintenace that was performed as part of the
297     	 * target CPUs shutdown was not seen by the current CPU's cluster. And
298     	 * so the cache may contain stale data for the target CPU.
299     	 */
>>>     CID 472149:         Integer handling issues  (NEGATIVE_RETURNS)
>>>     "target_idx" is passed to a parameter that cannot be negative.
300     	flush_cpu_data_by_index(target_idx,
301     				psci_svc_cpu_data.aff_info_state);
302     
303     	return psci_get_aff_info_state_by_idx(target_idx);
304     }
305     

** CID 472148:       Memory - corruptions  (OVERRUN)


_____________________________________________________________________________________________
*** CID 472148:         Memory - corruptions  (OVERRUN)
/lib/psci/psci_main.c: 39             in psci_cpu_on()
33     
34     	/* Validate the target CPU */
35     	if (!is_valid_mpidr(target_cpu)) {
36     		return PSCI_E_INVALID_PARAMS;
37     	}
38     
>>>     CID 472148:         Memory - corruptions  (OVERRUN)
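>>>     Overrunning callee's array of size 2 by passing argument "target_idx" (which evaluates to 4294967295) in call to "_cpu_data_by_index". [Note: 4294967295 is 0xFFFFFFFF, the value -1 takes when converted to a 32-bit unsigned integer, so this is the same negative "target_idx" reported on this line as CID 472145.]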
39     	ep = get_cpu_data_by_index(target_idx, warmboot_ep_info);
40     	/* Validate the lower EL entry point and put it in the entry_point_info */
41     	rc = psci_validate_entry_point(ep, entrypoint, context_id);
42     	if (rc != PSCI_E_SUCCESS) {
43     		return rc;
44     	}

** CID 472147:         (OVERRUN)


_____________________________________________________________________________________________
*** CID 472147:           (OVERRUN)
/lib/psci/psci_main.c: 300             in psci_affinity_info()
294     	 * - the cluster was removed from coherency as part of the CPU shutdown
295     	 *
296     	 * In this case the cache maintenace that was performed as part of the
297     	 * target CPUs shutdown was not seen by the current CPU's cluster. And
298     	 * so the cache may contain stale data for the target CPU.
299     	 */
>>>     CID 472147:           (OVERRUN)
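>>>     Overrunning callee's array of size 2 by passing argument "target_idx" (which evaluates to 4294967295) in call to "_cpu_data_by_index". [Note: 4294967295 is 0xFFFFFFFF, the value -1 takes when converted to a 32-bit unsigned integer, so this is the same negative "target_idx" reported on this line as CID 472149.]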
300     	flush_cpu_data_by_index(target_idx,
301     				psci_svc_cpu_data.aff_info_state);
302     
303     	return psci_get_aff_info_state_by_idx(target_idx);
304     }
305     
/lib/psci/psci_main.c: 303             in psci_affinity_info()
297     	 * target CPUs shutdown was not seen by the current CPU's cluster. And
298     	 * so the cache may contain stale data for the target CPU.
299     	 */
300     	flush_cpu_data_by_index(target_idx,
301     				psci_svc_cpu_data.aff_info_state);
302     
>>>     CID 472147:           (OVERRUN)
>>>     Overrunning callee's array of size 2 by passing argument "target_idx" (which evaluates to 4294967295) in call to "psci_get_aff_info_state_by_idx".
303     	return psci_get_aff_info_state_by_idx(target_idx);
304     }
305     
306     int psci_migrate(u_register_t target_cpu)
307     {
308     	int rc;

** CID 472146:       Memory - corruptions  (OVERRUN)


_____________________________________________________________________________________________
*** CID 472146:         Memory - corruptions  (OVERRUN)
/lib/el3_runtime/aarch64/context_debug.c: 107             in report_allocated_memory()
101     		if (is_ctx_pauth_supported()) {
102     			PRINT_SINGLE_MEM_USAGE_SEP_BLOCK();
103     		}
104     
105     		PRINT_MEM_USAGE_SEPARATOR();
106     
>>>     CID 472146:         Memory - corruptions  (OVERRUN)
>>>     Overrunning callee's array of size 2 by passing argument "i" (which evaluates to 7) in call to "cm_get_context_by_index".
107     		cpu_context_t *ctx = (cpu_context_t *)cm_get_context_by_index(i,
108     			security_state_idx);
109     		core_total = sizeof(*ctx);
110     		el3_size = sizeof(ctx->el3state_ctx);
111     		gp_size = sizeof(ctx->gpregs_ctx);
112     		size_other = core_total - (el3_size + gp_size);

** CID 472145:       Integer handling issues  (NEGATIVE_RETURNS)


_____________________________________________________________________________________________
*** CID 472145:         Integer handling issues  (NEGATIVE_RETURNS)
/lib/psci/psci_main.c: 39             in psci_cpu_on()
33     
34     	/* Validate the target CPU */
35     	if (!is_valid_mpidr(target_cpu)) {
36     		return PSCI_E_INVALID_PARAMS;
37     	}
38     
>>>     CID 472145:         Integer handling issues  (NEGATIVE_RETURNS)
>>>     "target_idx" is passed to a parameter that cannot be negative.
39     	ep = get_cpu_data_by_index(target_idx, warmboot_ep_info);
40     	/* Validate the lower EL entry point and put it in the entry_point_info */
41     	rc = psci_validate_entry_point(ep, entrypoint, context_id);
42     	if (rc != PSCI_E_SUCCESS) {
43     		return rc;
44     	}

  


Best regards,

The Coverity Scan Admin Team