From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by dpdk.org (Postfix) with ESMTP id 2D3EC2C8 for ; Tue, 19 Jul 2016 10:42:08 +0200 (CEST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga102.fm.intel.com with ESMTP; 19 Jul 2016 01:42:07 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.28,388,1464678000"; d="scan'208";a="1024625727" Received: from irsmsx109.ger.corp.intel.com ([163.33.3.23]) by fmsmga002.fm.intel.com with ESMTP; 19 Jul 2016 01:42:07 -0700 Received: from irsmsx103.ger.corp.intel.com ([169.254.3.204]) by IRSMSX109.ger.corp.intel.com ([169.254.13.193]) with mapi id 14.03.0248.002; Tue, 19 Jul 2016 09:42:05 +0100 From: "Mcnamara, John" To: Rahul Lakkireddy , "dev@dpdk.org" CC: Kumar Sanghvi , Nirranjan Kirubaharan , Arjun V Thread-Topic: DPDK Coverity issue 127559 Thread-Index: AQHR4ZYO7iZuF/nKA0aCDPnegexsqKAfbC1A Date: Tue, 19 Jul 2016 08:42:04 +0000 Message-ID: References: <201607041529.u64FTntT009098@sivswdev02.ir.intel.com> <20160719081601.GA12140@chelsio.com> In-Reply-To: <20160719081601.GA12140@chelsio.com> Accept-Language: en-GB, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ctpclassification: CTP_IC x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiMjY3NTQyNTEtOTdlNy00MmQ0LWFjNzEtYTdjMWZlMmZkZTA3IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE1LjkuNi42IiwiVHJ1c3RlZExhYmVsSGFzaCI6IlJcL1ZETGI3T0NhVmVHZUttY3Z4ZUFhZHdBeHRGSWVqV05wRzdYSmtVdm9BPSJ9 x-originating-ip: [163.33.239.181] Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Subject: Re: [dpdk-dev] DPDK Coverity issue 127559 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jul 2016 08:42:08 -0000 > -----Original Message----- > From: Rahul Lakkireddy [mailto:rahul.lakkireddy@chelsio.com] > Sent: Tuesday, July 19, 2016 9:16 AM > To: Mcnamara, John ; dev@dpdk.org > Cc: Kumar Sanghvi ; Nirranjan Kirubaharan > ; Arjun V > Subject: Re: DPDK Coverity issue 127559 >=20 > Hi all, >=20 > > 907 if (err) > > 908 goto out; > > 909 > > >>> CID 127559: (TAINTED_SCALAR) > > >>> Assigning: "p" =3D "(u32 *)buf". Both are now tainted. > > 910 for (p =3D (u32 *)buf; !err && aligned_len; aligned_len -=3D 4= , > p++) { > > 911 err =3D eeprom_wr_phys(adapter, aligned_offset, *p); > > 912 aligned_offset +=3D 4; > > 913 } > > 914 > > 915 if (!err) > > >=20 > I'm not an expert in Coverity and am having trouble understanding what th= e > defect is and need some clarification. Is it telling me that "buf" > is being used without doing lower and upper bounds check? Hi, There is a lot more context when you view the defect through the Coverity w= eb interface. Basically it is saying that the data in buf comes from the user ("is tainte= d") and as such can't be trusted. Usually you need to provide some bound, o= r other, checks to protect against/untaint the data. However, in this case = it looks like the data is coming from an eeprom rather than a "user" so it = is probably a false positive. However, you should look at the full context online and decide for yourself= . Then update the status in the Coverity interface and add a comment on you= r decision. John