[dpdk-dev] [PATCH v1 1/2] raw/ifpga/base: use untained variable as argument

Ferruh Yigit ferruh.yigit at intel.com
Wed Apr 7 16:57:14 CEST 2021


On 3/17/2021 8:23 AM, Wei Huang wrote:
> In fme_spi_init(), passing tainted expression "fme->max10_dev"
> to function "intel_max10_device_remove" has risk. Untainted
> variable "max10" should be used.
> 
> Coverity issue: 367480
> Fixes: 96ebfcf8125c ("raw/ifpga/base: add SPI and MAX10 device driver")
> 

Following is from the coverity:
2. tainted_return_value: Function intel_max10_device_probe returns tainted data.
3. var_assign: Assigning: max10 = intel_max10_device_probe(spi_master, 0), which 
taints max10
5. var_assign_var: Assigning: fme->max10_dev = max10. Both are now tainted.


'max10' is tainted at first place, and 'fme->max10_dev' is tainted because of 
'max10'. In this case how replacing 'fme->max10_dev' with 'max10' helps?

Did you verified that change is fixing the coverity issue?


And as the previous one, what is the exact problem, what is tainted data and how 
it is a problem, can you please describe?

> Signed-off-by: Wei Huang <wei.huang at intel.com>
> ---
>   drivers/raw/ifpga/base/ifpga_fme.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/drivers/raw/ifpga/base/ifpga_fme.c b/drivers/raw/ifpga/base/ifpga_fme.c
> index 43c7b9c3dc..a63f90331f 100644
> --- a/drivers/raw/ifpga/base/ifpga_fme.c
> +++ b/drivers/raw/ifpga/base/ifpga_fme.c
> @@ -1001,7 +1001,7 @@ static int fme_spi_init(struct ifpga_feature *feature)
>   	return ret;
>   
>   max10_fail:
> -	intel_max10_device_remove(fme->max10_dev);
> +	intel_max10_device_remove(max10);
>   spi_fail:
>   	altera_spi_release(spi_master);
>   	return ret;
> 



More information about the dev mailing list