diff mbox series

[v3,1/8] bus/fslmc: fix dereferencing null pointer

Message ID	20200504124118.22877-2-hemant.agrawal@nxp.com (mailing list archive)
State	Superseded, archived
Delegated to:	Ferruh Yigit
Headers	From: Hemant Agrawal <hemant.agrawal@nxp.com> To: dev@dpdk.org, ferruh.yigit@intel.com Cc: stable@dpdk.org, Apeksha Gupta <apeksha.gupta@nxp.com> Date: Mon, 4 May 2020 18:11:11 +0530 Message-Id: <20200504124118.22877-2-hemant.agrawal@nxp.com> In-Reply-To: <20200504124118.22877-1-hemant.agrawal@nxp.com> References: <20200306095742.18080-1-hemant.agrawal@nxp.com> <20200504124118.22877-1-hemant.agrawal@nxp.com> Subject: [dpdk-dev] [PATCH v3 1/8] bus/fslmc: fix dereferencing null pointer Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	NXP DPAAx fixes and enhancements \| [v3,0/8] NXP DPAAx fixes and enhancements [v3,1/8] bus/fslmc: fix dereferencing null pointer [v3,2/8] net/dpaa2: fix 10g port negotiation issue [v3,3/8] net/dpaa2: do not prefetch annotaion for physical mode [v3,4/8] net/dpaa2: add default Rx params in devinfo [v3,5/8] drivers: dpaa2 enhance portal alloc failure log [v3,6/8] net/dpaa2: support UDP dst port based muxing [v3,7/8] net/dpaa2: reduce prints in queue count functions [v3,8/8] net/dpaa2: use cong group id for multiple tcs

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/iol-intel-Performance	success	Performance Testing PASS
ci/iol-nxp-Performance	success	Performance Testing PASS
ci/iol-mellanox-Performance	success	Performance Testing PASS
ci/Intel-compilation	success	Compilation OK
ci/iol-testing	success	Testing PASS

Commit Message

Hemant Agrawal May 4, 2020, 12:41 p.m. UTC

  From: Apeksha Gupta <apeksha.gupta@nxp.com>

This patch fixees the nxp internal coverity reported
null pointer dereferncing issue.

Fixes: 6fef517e17cf ("bus/fslmc: add qman HW fq query count API")
Cc: stable@dpdk.org

Signed-off-by: Apeksha Gupta <apeksha.gupta@nxp.com>
---
 drivers/bus/fslmc/qbman/qbman_debug.c | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

Comments

Ferruh Yigit May 6, 2020, 9:08 p.m. UTC | #1

On 5/4/2020 1:41 PM, Hemant Agrawal wrote:
> From: Apeksha Gupta <apeksha.gupta@nxp.com>
> 
> This patch fixees the nxp internal coverity reported
> null pointer dereferncing issue.

What is the coverity issue number? Can you please put it into commit log as
"Coverity issue: ###" format.

> 
> Fixes: 6fef517e17cf ("bus/fslmc: add qman HW fq query count API")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Apeksha Gupta <apeksha.gupta@nxp.com>

Ferruh Yigit May 6, 2020, 9:09 p.m. UTC | #2

On 5/6/2020 10:08 PM, Ferruh Yigit wrote:
> On 5/4/2020 1:41 PM, Hemant Agrawal wrote:
>> From: Apeksha Gupta <apeksha.gupta@nxp.com>
>>
>> This patch fixees the nxp internal coverity reported
>> null pointer dereferncing issue.
> 
> What is the coverity issue number? Can you please put it into commit log as
> "Coverity issue: ###" format.

Ahh, it says internal coverity, we need number only for public coverity, isn't
same issue reported on public coverity? If so we need that number.

> 
>>
>> Fixes: 6fef517e17cf ("bus/fslmc: add qman HW fq query count API")
>> Cc: stable@dpdk.org
>>
>> Signed-off-by: Apeksha Gupta <apeksha.gupta@nxp.com>
>

Ferruh Yigit May 6, 2020, 9:14 p.m. UTC | #3

On 5/4/2020 1:41 PM, Hemant Agrawal wrote:
> From: Apeksha Gupta <apeksha.gupta@nxp.com>
> 
> This patch fixees the nxp internal coverity reported
> null pointer dereferncing issue.
> 
> Fixes: 6fef517e17cf ("bus/fslmc: add qman HW fq query count API")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Apeksha Gupta <apeksha.gupta@nxp.com>
> ---
>  drivers/bus/fslmc/qbman/qbman_debug.c | 9 +++++----
>  1 file changed, 5 insertions(+), 4 deletions(-)
> 
> diff --git a/drivers/bus/fslmc/qbman/qbman_debug.c b/drivers/bus/fslmc/qbman/qbman_debug.c
> index 0bb2ce880f..34374ae4b6 100644
> --- a/drivers/bus/fslmc/qbman/qbman_debug.c
> +++ b/drivers/bus/fslmc/qbman/qbman_debug.c
> @@ -20,26 +20,27 @@ struct qbman_fq_query_desc {
>  	uint8_t verb;
>  	uint8_t reserved[3];
>  	uint32_t fqid;
> -	uint8_t reserved2[57];
> +	uint8_t reserved2[56];

Is decreasing 'reserved2' size related to null pointer de-referencing? This
looks unrelated.

>  };
>  
>  int qbman_fq_query_state(struct qbman_swp *s, uint32_t fqid,
>  			 struct qbman_fq_query_np_rslt *r)
>  {
>  	struct qbman_fq_query_desc *p;
> +	struct qbman_fq_query_np_rslt *var;
>  
>  	p = (struct qbman_fq_query_desc *)qbman_swp_mc_start(s);
>  	if (!p)
>  		return -EBUSY;
>  
>  	p->fqid = fqid;
> -	*r = *(struct qbman_fq_query_np_rslt *)qbman_swp_mc_complete(s, p,
> -						QBMAN_FQ_QUERY_NP);
> -	if (!r) {
> +	var = qbman_swp_mc_complete(s, p, QBMAN_FQ_QUERY_NP);
> +	if (!var) {
>  		pr_err("qbman: Query FQID %d NP fields failed, no response\n",
>  		       fqid);
>  		return -EIO;
>  	}
> +	*r = *var;
>  
>  	/* Decode the outcome */
>  	QBMAN_BUG_ON((r->verb & QBMAN_RESPONSE_VERB_MASK) != QBMAN_FQ_QUERY_NP);
>

diff mbox series

Patch

diff --git a/drivers/bus/fslmc/qbman/qbman_debug.c b/drivers/bus/fslmc/qbman/qbman_debug.c
index 0bb2ce880f..34374ae4b6 100644
--- a/drivers/bus/fslmc/qbman/qbman_debug.c
+++ b/drivers/bus/fslmc/qbman/qbman_debug.c
@@ -20,26 +20,27 @@  struct qbman_fq_query_desc {
 	uint8_t verb;
 	uint8_t reserved[3];
 	uint32_t fqid;
-	uint8_t reserved2[57];
+	uint8_t reserved2[56];
 };
 
 int qbman_fq_query_state(struct qbman_swp *s, uint32_t fqid,
 			 struct qbman_fq_query_np_rslt *r)
 {
 	struct qbman_fq_query_desc *p;
+	struct qbman_fq_query_np_rslt *var;
 
 	p = (struct qbman_fq_query_desc *)qbman_swp_mc_start(s);
 	if (!p)
 		return -EBUSY;
 
 	p->fqid = fqid;
-	*r = *(struct qbman_fq_query_np_rslt *)qbman_swp_mc_complete(s, p,
-						QBMAN_FQ_QUERY_NP);
-	if (!r) {
+	var = qbman_swp_mc_complete(s, p, QBMAN_FQ_QUERY_NP);
+	if (!var) {
 		pr_err("qbman: Query FQID %d NP fields failed, no response\n",
 		       fqid);
 		return -EIO;
 	}
+	*r = *var;
 
 	/* Decode the outcome */
 	QBMAN_BUG_ON((r->verb & QBMAN_RESPONSE_VERB_MASK) != QBMAN_FQ_QUERY_NP);