[v2,8/8] net/nfp: fix tainted scalar
Checks
Commit Message
From: Peng Zhang <peng.zhang@corigine.com>
Passing tainted expression 'ectx->fw_info_strtab_sz' to
'nfp_elf_fwinfo_lookup()', which uses it as a loop boundary.
Replace tainted expression with a temp variable to avoid
the tainted scalar coverity warning.
Coverity issue: 415051
Fixes: c82ca09c441c ("net/nfp: add ELF module")
Cc: stable@dpdk.org
Signed-off-by: Peng Zhang <peng.zhang@corigine.com>
Reviewed-by: Chaoyong He <chaoyong.he@corigine.com>
---
drivers/net/nfp/nfpcore/nfp_elf.c | 11 +++++++----
1 file changed, 7 insertions(+), 4 deletions(-)
@@ -324,14 +324,13 @@ nfp_elf_fwinfo_next(struct nfp_elf *ectx,
}
static const char *
-nfp_elf_fwinfo_lookup(struct nfp_elf *ectx,
+nfp_elf_fwinfo_lookup(const char *strtab,
+ ssize_t tab_sz,
const char *key)
{
size_t s_len;
const char *s;
size_t key_len = strlen(key);
- const char *strtab = ectx->fw_info_strtab;
- ssize_t tab_sz = (ssize_t)ectx->fw_info_strtab_sz;
if (strtab == NULL)
return NULL;
@@ -610,7 +609,9 @@ nfp_elf_populate_fw_mip(struct nfp_elf *ectx,
{
uint8_t *pu8;
const char *nx;
+ ssize_t tab_sz;
uint64_t sh_size;
+ const char *str_tab;
uint64_t sh_offset;
uint32_t first_entry;
const struct nfp_mip *mip;
@@ -662,7 +663,9 @@ nfp_elf_populate_fw_mip(struct nfp_elf *ectx,
}
}
- ectx->fw_mip.fw_typeid = nfp_elf_fwinfo_lookup(ectx, "TypeId");
+ str_tab = ectx->fw_info_strtab;
+ tab_sz = (ssize_t)ectx->fw_info_strtab_sz;
+ ectx->fw_mip.fw_typeid = nfp_elf_fwinfo_lookup(str_tab, tab_sz, "TypeId");
/*
* TypeId will be the last reserved key-value pair, so skip