Gcc-16 complains about possible reference outside of array
when managing flex filter. This is a false positive because the
filter length can never be that long, but compiler can't detect
that. Add guard rail check to only loop over possible array.
../drivers/net/intel/e1000/igb_ethdev.c:4265:23: note: at offset 152 into
destination object of size 176 allocated by ‘rte_zmalloc’
4265 | flex_filter = rte_zmalloc("e1000_flex_filter",
| ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
4266 | sizeof(struct e1000_flex_filter), 0);
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
../drivers/net/intel/e1000/igb_ethdev.c:4280:50: warning: writing 64 bytes into
a region of size 0 [-Wstringop-overflow=]
4280 | flex_filter->filter_info.mask[i] = mask;
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^~~~~~
Signed-off-by: Stephen Hemminger <[email protected]>
---
drivers/net/intel/e1000/igb_ethdev.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/drivers/net/intel/e1000/igb_ethdev.c
b/drivers/net/intel/e1000/igb_ethdev.c
index f4e2a6442e..66988cd90d 100644
--- a/drivers/net/intel/e1000/igb_ethdev.c
+++ b/drivers/net/intel/e1000/igb_ethdev.c
@@ -4270,7 +4270,8 @@ eth_igb_add_del_flex_filter(struct rte_eth_dev *dev,
flex_filter->filter_info.len = filter->len;
flex_filter->filter_info.priority = filter->priority;
memcpy(flex_filter->filter_info.dwords, filter->bytes, filter->len);
- for (i = 0; i < RTE_ALIGN(filter->len, CHAR_BIT) / CHAR_BIT; i++) {
+ for (i = 0; i < RTE_ALIGN(filter->len, CHAR_BIT) / CHAR_BIT
+ && i < E1000_FLEX_FILTERS_MASK_SIZE; i++) {
mask = 0;
/* reverse bits in flex filter's mask*/
for (shift = 0; shift < CHAR_BIT; shift++) {
--
2.51.0
