net/i40e/base: fix potential out of bound array access

This is fix for klocwork issue where dcbcfg->numapps could
be greater than size of array (i.e dcbcfg->app[I40E_DCBX_MAX_APPS]).
The fix makes sure the array is not accessed past size of array
(i.e. I40E_DCBX_MAX_APPS).

Fixes: 166dceeeeafc ("i40e/base: add parsing for CEE DCBX TLVs")
Cc: stable@dpdk.org
Signed-off-by: Jingjing Wu <jingjing.wu@intel.com>

diff --git a/drivers/net/i40e/base/i40e_dcb.c b/drivers/net/i40e/base/i40e_dcb.c
index 26c344f..9b5405d 100644 (file)
--- a/drivers/net/i40e/base/i40e_dcb.c
+++ b/drivers/net/i40e/base/i40e_dcb.c
@@ -396,6 +396,8 @@ static void i40e_parse_cee_app_tlv(struct i40e_cee_feat_tlv *tlv,
        dcbcfg->numapps = length / sizeof(*app);
        if (!dcbcfg->numapps)
                return;
+       if (dcbcfg->numapps > I40E_DCBX_MAX_APPS)
+               dcbcfg->numapps = I40E_DCBX_MAX_APPS;
 
        for (i = 0; i < dcbcfg->numapps; i++) {
                u8 up, selector;