Hi,
Please find the latest report on new defect(s) introduced to ARM-software/arm-trusted-firmware found with Coverity Scan.
** CID 490141: Control flow issues (NO_EFFECT)
/contrib/libeventlog/src/event_log.c: 264 in event_log_init_and_reg()
_____________________________________________________________________________________________
*** CID 490141: Control flow issues (NO_EFFECT)
/contrib/libeventlog/src/event_log.c: 264 in event_log_init_and_reg()
258 int rc = event_log_init(start, finish);
259 if (rc < 0) {
260 return rc;
261 }
262
263 if (hash_info == NULL || hash_info->func == NULL ||
>>> CID 490141: Control flow issues (NO_EFFECT)
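>>> This less-than-zero comparison of an unsigned value is never true. "hash_info->count < 0UL".
>>> Because this term is always false, the only range check the condition applies to hash_info->count is the upper bound against HASH_ALG_COUNT; a count of 0 passes it.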
264 hash_info->count < 0 || hash_info->count > HASH_ALG_COUNT) {
265 return -EINVAL;
266 }
267
268 crypto_hash_info = hash_info;
269 return 0;
** CID 490140: Memory - illegal accesses (OVERRUN)
/contrib/libeventlog/src/event_print.c: 46 in event_log_print_spaced_hex()
_____________________________________________________________________________________________
*** CID 490140: Memory - illegal accesses (OVERRUN)
/contrib/libeventlog/src/event_print.c: 46 in event_log_print_spaced_hex()
40 event_log_append_str(output_buf, cap, &pos, prefix);
41
42 for (size_t off = 0; off < buf_len; off += 16U) {
43 chunk = (buf_len - off >= 16U) ? 16U : (buf_len - off);
44
45 /* write the 16-byte (or tail) chunk */
>>> CID 490140: Memory - illegal accesses (OVERRUN)
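>>> Overrunning array of 256 bytes at byte offset 256 by dereferencing pointer "output_buf + pos".
>>> The size argument on line 47 is clamped to 0 once pos reaches cap, but the pointer output_buf + pos is still formed and passed; the access stays in bounds only if event_log_write_hex_spaced() writes nothing when given a size of 0 (its body is not shown in this report) and pos never advances past cap.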
46 pos += event_log_write_hex_spaced(output_buf + pos,
47 (pos < cap) ? (cap - pos) : 0,
48 chunk, buf + off);
49
50 NOTICE(" %s\n", output_buf);
51
Best regards,
The Coverity Scan Admin Team