[PATCH v1] common/idpf: fix tainted scalar
Mingxia Liu
mingxia.liu at intel.com
Wed Nov 9 06:01:30 CET 2022
From: mingxial <mingxia.liu at intel.com>
Passing tainted expression "msg.data_len" to
"rte_memcpy", which uses it as a loop boundary.
Replace tainted expression with a temp variable
to avoid the tainted scalar coverity warning.
Coverity issue: 381688
Fixes: fb4ac04e9bfa ("common/idpf: introduce common library")
Cc: stable at dpdk.org
Signed-off-by: mingxial <mingxia.liu at intel.com>
---
drivers/common/idpf/base/idpf_common.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/drivers/common/idpf/base/idpf_common.c b/drivers/common/idpf/base/idpf_common.c
index 1debf129a3..bcc0c11ae8 100644
--- a/drivers/common/idpf/base/idpf_common.c
+++ b/drivers/common/idpf/base/idpf_common.c
@@ -221,6 +221,7 @@ int idpf_clean_arq_element(struct idpf_hw *hw,
{
struct idpf_ctlq_msg msg = { 0 };
int status;
+ u16 msg_data_len;
*pending = 1;
@@ -234,7 +235,8 @@ int idpf_clean_arq_element(struct idpf_hw *hw,
e->desc.datalen = msg.data_len;
if (msg.data_len > 0) {
e->buf_len = msg.data_len;
- idpf_memcpy(e->msg_buf, msg.ctx.indirect.payload->va, msg.data_len,
+ msg_data_len = msg.data_len;
+ idpf_memcpy(e->msg_buf, msg.ctx.indirect.payload->va, msg_data_len,
IDPF_DMA_TO_NONDMA);
}
return status;
--
2.25.1
More information about the stable
mailing list