Hi,

Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan.

1 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan.

New defect(s) Reported-by: Coverity Scan Showing 1 of 1 defect(s)

** CID 415256: Memory - corruptions (ARRAY_VS_SINGLETON)

________________________________________________________________________________________________________ *** CID 415256: Memory - corruptions (ARRAY_VS_SINGLETON) /qcbor/src/qcbor_decode.c: 3725 in QCBORDecode_ExitBoundedMapOrArray() 3719 that is being exited. If there is no cached value, 3720 from previous map search, then do a dummy search. 3721 */ 3722 if(pMe->uMapEndOffsetCache == QCBOR_MAP_OFFSET_CACHE_INVALID) { 3723 QCBORItem Dummy; 3724 Dummy.uLabelType = QCBOR_TYPE_NONE;

...

...

CID 415256:  Memory - corruptions  (ARRAY_VS_SINGLETON)
Passing "&Dummy" to function "MapSearch" which uses it as an array. This might corrupt or misinterpret adjacent memory locations.

3725 uErr = MapSearch(pMe, &Dummy, NULL, NULL, NULL); 3726 if(uErr != QCBOR_SUCCESS) { 3727 goto Done; 3728 } 3729 } 3730

________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://u15810271.ct.sendgrid.net/ls/click?upn=u001.AxU2LYlgjL6eX23u9ErQy-2B...