Hi,
Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan.
5 new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan.
New defect(s) Reported-by: Coverity Scan Showing 5 of 5 defect(s)
** CID 472149: Integer handling issues (NEGATIVE_RETURNS)
_____________________________________________________________________________________________ *** CID 472149: Integer handling issues (NEGATIVE_RETURNS) /lib/psci/psci_main.c: 300 in psci_affinity_info() 294 * - the cluster was removed from coherency as part of the CPU shutdown 295 * 296 * In this case the cache maintenace that was performed as part of the 297 * target CPUs shutdown was not seen by the current CPU's cluster. And 298 * so the cache may contain stale data for the target CPU. 299 */
CID 472149: Integer handling issues (NEGATIVE_RETURNS) "target_idx" is passed to a parameter that cannot be negative.
300 flush_cpu_data_by_index(target_idx, 301 psci_svc_cpu_data.aff_info_state); 302 303 return psci_get_aff_info_state_by_idx(target_idx); 304 } 305
** CID 472148: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________ *** CID 472148: Memory - corruptions (OVERRUN) /lib/psci/psci_main.c: 39 in psci_cpu_on() 33 34 /* Validate the target CPU */ 35 if (!is_valid_mpidr(target_cpu)) { 36 return PSCI_E_INVALID_PARAMS; 37 } 38
CID 472148: Memory - corruptions (OVERRUN) Overrunning callee's array of size 2 by passing argument "target_idx" (which evaluates to 4294967295) in call to "_cpu_data_by_index".
39 ep = get_cpu_data_by_index(target_idx, warmboot_ep_info); 40 /* Validate the lower EL entry point and put it in the entry_point_info */ 41 rc = psci_validate_entry_point(ep, entrypoint, context_id); 42 if (rc != PSCI_E_SUCCESS) { 43 return rc; 44 }
** CID 472147: (OVERRUN)
_____________________________________________________________________________________________ *** CID 472147: (OVERRUN) /lib/psci/psci_main.c: 300 in psci_affinity_info() 294 * - the cluster was removed from coherency as part of the CPU shutdown 295 * 296 * In this case the cache maintenace that was performed as part of the 297 * target CPUs shutdown was not seen by the current CPU's cluster. And 298 * so the cache may contain stale data for the target CPU. 299 */
CID 472147: (OVERRUN) Overrunning callee's array of size 2 by passing argument "target_idx" (which evaluates to 4294967295) in call to "_cpu_data_by_index".
300 flush_cpu_data_by_index(target_idx, 301 psci_svc_cpu_data.aff_info_state); 302 303 return psci_get_aff_info_state_by_idx(target_idx); 304 } 305 /lib/psci/psci_main.c: 303 in psci_affinity_info() 297 * target CPUs shutdown was not seen by the current CPU's cluster. And 298 * so the cache may contain stale data for the target CPU. 299 */ 300 flush_cpu_data_by_index(target_idx, 301 psci_svc_cpu_data.aff_info_state); 302
CID 472147: (OVERRUN) Overrunning callee's array of size 2 by passing argument "target_idx" (which evaluates to 4294967295) in call to "psci_get_aff_info_state_by_idx".
303 return psci_get_aff_info_state_by_idx(target_idx); 304 } 305 306 int psci_migrate(u_register_t target_cpu) 307 { 308 int rc;
** CID 472146: Memory - corruptions (OVERRUN)
_____________________________________________________________________________________________ *** CID 472146: Memory - corruptions (OVERRUN) /lib/el3_runtime/aarch64/context_debug.c: 107 in report_allocated_memory() 101 if (is_ctx_pauth_supported()) { 102 PRINT_SINGLE_MEM_USAGE_SEP_BLOCK(); 103 } 104 105 PRINT_MEM_USAGE_SEPARATOR(); 106
CID 472146: Memory - corruptions (OVERRUN) Overrunning callee's array of size 2 by passing argument "i" (which evaluates to 7) in call to "cm_get_context_by_index".
107 cpu_context_t *ctx = (cpu_context_t *)cm_get_context_by_index(i, 108 security_state_idx); 109 core_total = sizeof(*ctx); 110 el3_size = sizeof(ctx->el3state_ctx); 111 gp_size = sizeof(ctx->gpregs_ctx); 112 size_other = core_total - (el3_size + gp_size);
** CID 472145: Integer handling issues (NEGATIVE_RETURNS)
_____________________________________________________________________________________________ *** CID 472145: Integer handling issues (NEGATIVE_RETURNS) /lib/psci/psci_main.c: 39 in psci_cpu_on() 33 34 /* Validate the target CPU */ 35 if (!is_valid_mpidr(target_cpu)) { 36 return PSCI_E_INVALID_PARAMS; 37 } 38
CID 472145: Integer handling issues (NEGATIVE_RETURNS) "target_idx" is passed to a parameter that cannot be negative.
39 ep = get_cpu_data_by_index(target_idx, warmboot_ep_info); 40 /* Validate the lower EL entry point and put it in the entry_point_info */ 41 rc = psci_validate_entry_point(ep, entrypoint, context_id); 42 if (rc != PSCI_E_SUCCESS) { 43 return rc; 44 }
________________________________________________________________________________________________________ To view the defects in Coverity Scan visit, https://scan.coverity.com/projects/arm-software-arm-trusted-firmware?tab=ove...
tf-a@lists.trustedfirmware.org
-
scan-admin@coverity.com