[PATCH v2 8/8] net/nfp: fix tainted scalar

[Chaoyong He]

From: Peng Zhang <peng.zhang at corigine.com>

Passing tainted expression 'ectx->fw_info_strtab_sz' to
'nfp_elf_fwinfo_lookup()', which uses it as a loop boundary.

Replace tainted expression with a temp variable to avoid
the tainted scalar coverity warning.

Coverity issue: 415051
Fixes: c82ca09c441c ("net/nfp: add ELF module")
Cc: stable at dpdk.org

Signed-off-by: Peng Zhang <peng.zhang at corigine.com>
Reviewed-by: Chaoyong He <chaoyong.he at corigine.com>
---
 drivers/net/nfp/nfpcore/nfp_elf.c | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/drivers/net/nfp/nfpcore/nfp_elf.c b/drivers/net/nfp/nfpcore/nfp_elf.c
index 1bf68ab3e4..cfa59ed16d 100644
--- a/drivers/net/nfp/nfpcore/nfp_elf.c
+++ b/drivers/net/nfp/nfpcore/nfp_elf.c
@@ -324,14 +324,13 @@ nfp_elf_fwinfo_next(struct nfp_elf *ectx,
 }
 
 static const char *
-nfp_elf_fwinfo_lookup(struct nfp_elf *ectx,
+nfp_elf_fwinfo_lookup(const char *strtab,
+		ssize_t tab_sz,
 		const char *key)
 {
 	size_t s_len;
 	const char *s;
 	size_t key_len = strlen(key);
-	const char *strtab = ectx->fw_info_strtab;
-	ssize_t tab_sz = (ssize_t)ectx->fw_info_strtab_sz;
 
 	if (strtab == NULL)
 		return NULL;
@@ -610,7 +609,9 @@ nfp_elf_populate_fw_mip(struct nfp_elf *ectx,
 {
 	uint8_t *pu8;
 	const char *nx;
+	ssize_t tab_sz;
 	uint64_t sh_size;
+	const char *str_tab;
 	uint64_t sh_offset;
 	uint32_t first_entry;
 	const struct nfp_mip *mip;
@@ -662,7 +663,9 @@ nfp_elf_populate_fw_mip(struct nfp_elf *ectx,
 		}
 	}
 
-	ectx->fw_mip.fw_typeid = nfp_elf_fwinfo_lookup(ectx, "TypeId");
+	str_tab = ectx->fw_info_strtab;
+	tab_sz = (ssize_t)ectx->fw_info_strtab_sz;
+	ectx->fw_mip.fw_typeid = nfp_elf_fwinfo_lookup(str_tab, tab_sz, "TypeId");
 
 	/*
 	 * TypeId will be the last reserved key-value pair, so skip
-- 
2.39.1