On 5/4/2020 1:41 PM, Hemant Agrawal wrote:
> From: Apeksha Gupta <apeksha.gu...@nxp.com>
>
> This patch fixees the nxp internal coverity reported
> null pointer dereferncing issue.
>
> Fixes: 6fef517e17cf ("bus/fslmc: add qman HW fq query count API")
> Cc: sta...@dpdk.org
>
> Signed-off-by: Apeksha Gupta <apeksha.gu...@nxp.com>
> ---
> drivers/bus/fslmc/qbman/qbman_debug.c | 9 +++++----
> 1 file changed, 5 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/bus/fslmc/qbman/qbman_debug.c
> b/drivers/bus/fslmc/qbman/qbman_debug.c
> index 0bb2ce880f..34374ae4b6 100644
> --- a/drivers/bus/fslmc/qbman/qbman_debug.c
> +++ b/drivers/bus/fslmc/qbman/qbman_debug.c
> @@ -20,26 +20,27 @@ struct qbman_fq_query_desc {
> uint8_t verb;
> uint8_t reserved[3];
> uint32_t fqid;
> - uint8_t reserved2[57];
> + uint8_t reserved2[56];
Is decreasing 'reserved2' size related to null pointer de-referencing? This
looks unrelated.
> };
>
> int qbman_fq_query_state(struct qbman_swp *s, uint32_t fqid,
> struct qbman_fq_query_np_rslt *r)
> {
> struct qbman_fq_query_desc *p;
> + struct qbman_fq_query_np_rslt *var;
>
> p = (struct qbman_fq_query_desc *)qbman_swp_mc_start(s);
> if (!p)
> return -EBUSY;
>
> p->fqid = fqid;
> - *r = *(struct qbman_fq_query_np_rslt *)qbman_swp_mc_complete(s, p,
> - QBMAN_FQ_QUERY_NP);
> - if (!r) {
> + var = qbman_swp_mc_complete(s, p, QBMAN_FQ_QUERY_NP);
> + if (!var) {
> pr_err("qbman: Query FQID %d NP fields failed, no response\n",
> fqid);
> return -EIO;
> }
> + *r = *var;
>
> /* Decode the outcome */
> QBMAN_BUG_ON((r->verb & QBMAN_RESPONSE_VERB_MASK) != QBMAN_FQ_QUERY_NP);
>
