Hey all,

Looks like Coverity is a little unhappy about the FIT alignment fixes,
but I'm not sure yet if we can just mark them as intentional and already
safety checked inputs or not.

---------- Forwarded message ---------
From: <[email protected]>
Date: Mon, Feb 23, 2026 at 1:34 PM
Subject: New Defects reported by Coverity Scan for Das U-Boot
To: <[email protected]>


Hi,

Please find the latest report on new defect(s) introduced to *Das U-Boot*
found with Coverity Scan.

   - *New Defects Found:* 1
   - 1 defect(s), reported by Coverity Scan earlier, were marked fixed in
   the recent build analyzed by Coverity Scan.
   - *Defects Shown:* Showing 1 of 1 defect(s)

Defect Details

** CID 644638:         (TAINTED_SCALAR)


_____________________________________________________________________________________________
*** CID 644638:           (TAINTED_SCALAR)
/boot/image-fit.c: 2410             in boot_get_fdt_fit_into_buffer()
2404             */
2405            if (dstlen >= newdstlen && dstbuf == fdtsrcbuf)
2406                    goto out;
2407
2408            /* Try to reuse existing destination buffer if it is large enough. */
2409            if (dstbuf && dstlen >= newdstlen) {
>>>     CID 644638:           (TAINTED_SCALAR)
>>>     Passing tainted expression "fdtsrcbuf->size_dt_strings" to "fdt_open_into", which uses it as an offset.
2410                    err = fdt_open_into(fdtsrcbuf, dstbuf, dstlen);
2411                    goto out;
2412            }
2413
2414            newdstbuf = memalign(8, newdstlen);
2415            if (!newdstbuf) {
/boot/image-fit.c: 2420             in boot_get_fdt_fit_into_buffer()
2414            newdstbuf = memalign(8, newdstlen);
2415            if (!newdstbuf) {
2416                    err = -ENOMEM;
2417                    goto out;
2418            }
2419
>>>     CID 644638:           (TAINTED_SCALAR)
>>>     Passing tainted expression "fdtsrcbuf->size_dt_struct" to "fdt_open_into", which uses it as an offset.
2420            err = fdt_open_into(fdtsrcbuf, newdstbuf, newdstlen);
2421            if (err < 0)
2422                    goto out;
2423
2424            free(dstbuf);
2425            *fdtdstbuf = newdstbuf;
/boot/image-fit.c: 2420             in boot_get_fdt_fit_into_buffer()
2414            newdstbuf = memalign(8, newdstlen);
2415            if (!newdstbuf) {
2416                    err = -ENOMEM;
2417                    goto out;
2418            }
2419
>>>     CID 644638:           (TAINTED_SCALAR)
>>>     Passing tainted expression "fdtsrcbuf->size_dt_strings" to "fdt_open_into", which uses it as an offset.
2420            err = fdt_open_into(fdtsrcbuf, newdstbuf, newdstlen);
2421            if (err < 0)
2422                    goto out;
2423
2424            free(dstbuf);
2425            *fdtdstbuf = newdstbuf;
/boot/image-fit.c: 2420             in boot_get_fdt_fit_into_buffer()
2414            newdstbuf = memalign(8, newdstlen);
2415            if (!newdstbuf) {
2416                    err = -ENOMEM;
2417                    goto out;
2418            }
2419
>>>     CID 644638:           (TAINTED_SCALAR)
>>>     Passing tainted expression "fdtsrcbuf->totalsize" to "fdt_open_into", which uses it as an offset.
2420            err = fdt_open_into(fdtsrcbuf, newdstbuf, newdstlen);
2421            if (err < 0)
2422                    goto out;
2423
2424            free(dstbuf);
2425            *fdtdstbuf = newdstbuf;
/boot/image-fit.c: 2410             in boot_get_fdt_fit_into_buffer()
2404             */
2405            if (dstlen >= newdstlen && dstbuf == fdtsrcbuf)
2406                    goto out;
2407
2408            /* Try to reuse existing destination buffer if it is large enough. */
2409            if (dstbuf && dstlen >= newdstlen) {
>>>     CID 644638:           (TAINTED_SCALAR)
>>>     Passing tainted expression "fdtsrcbuf->totalsize" to "fdt_open_into", which uses it as an offset.
2410                    err = fdt_open_into(fdtsrcbuf, dstbuf, dstlen);
2411                    goto out;
2412            }
2413
2414            newdstbuf = memalign(8, newdstlen);
2415            if (!newdstbuf) {
/boot/image-fit.c: 2410             in boot_get_fdt_fit_into_buffer()
2404             */
2405            if (dstlen >= newdstlen && dstbuf == fdtsrcbuf)
2406                    goto out;
2407
2408            /* Try to reuse existing destination buffer if it is large enough. */
2409            if (dstbuf && dstlen >= newdstlen) {
>>>     CID 644638:           (TAINTED_SCALAR)
>>>     Passing tainted expression "fdtsrcbuf->size_dt_struct" to "fdt_open_into", which uses it as an offset.
2410                    err = fdt_open_into(fdtsrcbuf, dstbuf, dstlen);
2411                    goto out;
2412            }
2413
2414            newdstbuf = memalign(8, newdstlen);
2415            if (!newdstbuf) {



View Defects in Coverity Scan
<https://scan.coverity.com/projects/das-u-boot?tab=overview>

Best regards,

The Coverity Scan Admin Team

----- End forwarded message -----

-- 
Tom
