From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by dpdk.org (Postfix) with ESMTP id 68C9D5680 for ; Tue, 5 Jul 2016 13:43:22 +0200 (CEST) Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga104.fm.intel.com with ESMTP; 05 Jul 2016 04:43:22 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.26,579,1459839600"; d="scan'208";a="989407200" Received: from dpdk06.sh.intel.com ([10.239.128.225]) by orsmga001.jf.intel.com with ESMTP; 05 Jul 2016 04:43:18 -0700 From: Jianfeng Tan To: dev@dpdk.org Cc: yuanhan.liu@linux.intel.com, huawei.xie@intel.com, michalx.k.jastrzebski@intel.com, Jianfeng Tan Date: Tue, 5 Jul 2016 11:42:59 +0000 Message-Id: <1467718979-20904-1-git-send-email-jianfeng.tan@intel.com> X-Mailer: git-send-email 2.1.4 Subject: [dpdk-dev] [PATCH] net/virtio: fix null pointer dereference X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Jul 2016 11:43:22 -0000 There is a logic bug in this code, that could lead to null pointer dereference when cvq is NULL. Fix this problem by changing logic _and_ to logic _or_. >> CID 127480: Null pointer dereferences (FORWARD_NULL) >> Dereferencing null pointer "cvq". if (!cvq && !cvq->vq) { ... } Coverity issue: 127480 Fixes: 01ad44fd374f ("net/virtio: split Rx/Tx queue") Signed-off-by: Jianfeng Tan --- drivers/net/virtio/virtio_ethdev.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/drivers/net/virtio/virtio_ethdev.c b/drivers/net/virtio/virtio_ethdev.c index 480daa3..828afef 100644 --- a/drivers/net/virtio/virtio_ethdev.c +++ b/drivers/net/virtio/virtio_ethdev.c @@ -166,7 +166,7 @@ virtio_send_command(struct virtnet_ctl *cvq, struct virtio_pmd_ctrl *ctrl, ctrl->status = status; - if (!cvq && !cvq->vq) { + if (!cvq || !cvq->vq) { PMD_INIT_LOG(ERR, "Control queue is not supported."); return -1; } -- 2.1.4