From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qg0-f51.google.com (mail-qg0-f51.google.com [209.85.192.51]) by dpdk.org (Postfix) with ESMTP id 3F1DE2C59 for ; Wed, 16 Mar 2016 14:34:48 +0100 (CET) Received: by mail-qg0-f51.google.com with SMTP id a36so11068957qge.0 for ; Wed, 16 Mar 2016 06:34:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=canonical-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=MGapuebrMLT6YFLiv5V1f0R7iQoFPGXUcybSQd3apTM=; b=gPjHQhQNYGmnAjvdlc4G4Bl+1RRRE/1T+3kNhhesasjN4yL7pmornz0+/XgMjn45My 6+TMMQ7tXt/raIxmhgxVvtxu/18WEyEDzzOkNJ5CUB+Ay0158PFgeJAFoxkU82RrANvE 9VqG8GW3WuEwvIUU52isUGy6tFIiMMuBB1VtHIAofGTZzJsnLq1k2W2VV6bFFb938bqz NqtQG1xKc9IjJ3blVhBgh+MtJhbTXGWS1XMnRglE4+hZRisosXZ+BsH2evdseCJ+Dhxj s6XrjcEzSxWtY2oAT1LAO/6xdAExfC3umuihtvi3gumv5vRhw4Hy0zryPlUEHnWjwjBk X5XA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=MGapuebrMLT6YFLiv5V1f0R7iQoFPGXUcybSQd3apTM=; b=MOkOF6g+hOTBCq3LuuvvKHnDLAje9BHjfrKOI46Q+/gNfHHlx57moZU4FjtDiCvcp0 CEP7bRfWjVGxNrUdrp+QvPk643F8UFjL9PSqEdkemPa+r6fdkVdhsBqA5BcuhNCAR+TF xk3jV8PFKlK37Te6OWJ+5V8Th85swN3fb683JbxBegcwuY4UdXJ6gPJY6HAr3xRKZkgl ilHEaZA7dNT+dfBIEj4JsDGp7iTbgmZQNA2rDGQ0zXftMxs8X4IoMHWWtK0/5EUXFdIR NlG/0SdumeomBlXsJMheOaeTrbwFuMQCQCiCOKILQhgxWFku3qq85m0gFEoPvB/Fzi06 411Q== X-Gm-Message-State: AD7BkJJcaGgPO047kCzG79Ew8VYR0HSPT47qulSG5dAEGNf2Pu+sgcVuwH31iguAKzwRFNCRd0cVR0m8QR+C8u5V X-Received: by 10.140.156.138 with SMTP id c132mr5568026qhc.96.1458135287650; Wed, 16 Mar 2016 06:34:47 -0700 (PDT) MIME-Version: 1.0 Received: by 10.55.169.6 with HTTP; Wed, 16 Mar 2016 06:34:28 -0700 (PDT) In-Reply-To: <56E95C29.1060600@6wind.com> References: <1458131629-21925-1-git-send-email-christian.ehrhardt@canonical.com> <1458131629-21925-4-git-send-email-christian.ehrhardt@canonical.com> <56E95C29.1060600@6wind.com> From: Christian Ehrhardt Date: Wed, 16 Mar 2016 14:34:28 +0100 Message-ID: To: Olivier MATZ Cc: Bruce Richardson , dev Content-Type: text/plain; charset=UTF-8 X-Content-Filtered-By: Mailman/MimeDel 2.1.15 Subject: Re: [dpdk-dev] [PATCH 3/3] lpm: fix missing free of lpm X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Mar 2016 13:34:48 -0000 Hi, looking at it I think we have intersections but also parts of yours that I missed. More than that while applying your changes I found other potential use-after free cases. I'll wrap that all up together in a v3 of my series. Christian Ehrhardt Software Engineer, Ubuntu Server Canonical Ltd On Wed, Mar 16, 2016 at 2:14 PM, Olivier MATZ wrote: > Hi Christian, > > On 03/16/2016 01:33 PM, Christian Ehrhardt wrote: > >> Fixing lpm6 regarding a similar issue showed that that in rte_lpm_free lpm >> might not be freed if it didn't find a te (early return) >> >> Acked-by: Bruce Richardson >> Signed-off-by: Christian Ehrhardt >> --- >> lib/librte_lpm/rte_lpm.c | 8 ++------ >> 1 file changed, 2 insertions(+), 6 deletions(-) >> >> diff --git a/lib/librte_lpm/rte_lpm.c b/lib/librte_lpm/rte_lpm.c >> index ccaaa2a..d5fa1f8 100644 >> --- a/lib/librte_lpm/rte_lpm.c >> +++ b/lib/librte_lpm/rte_lpm.c >> @@ -360,12 +360,8 @@ rte_lpm_free_v20(struct rte_lpm_v20 *lpm) >> if (te->data == (void *) lpm) >> break; >> } >> - if (te == NULL) { >> - rte_rwlock_write_unlock(RTE_EAL_TAILQ_RWLOCK); >> - return; >> - } >> - >> - TAILQ_REMOVE(lpm_list, te, next); >> + if (te != NULL) >> + TAILQ_REMOVE(lpm_list, te, next); >> >> rte_rwlock_write_unlock(RTE_EAL_TAILQ_RWLOCK); >> >> >> > I've just seen you had already posted a series on this topic. > It looks that some free() are missing in lpm.c: > > Could you please check my version of the patch (which was not as > complete as your series)? > http://dpdk.org/dev/patchwork/patch/11526/ > > Regards, > Olivier >