From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 8CEACA0C46 for ; Fri, 23 Jul 2021 04:23:00 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 7F2C7410E2; Fri, 23 Jul 2021 04:23:00 +0200 (CEST) Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mails.dpdk.org (Postfix) with ESMTP id 41AFC40E6E; Fri, 23 Jul 2021 04:22:58 +0200 (CEST) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id AB4CE113E; Thu, 22 Jul 2021 19:22:57 -0700 (PDT) Received: from wls-arm-cavium06.shanghai.arm.com (wls-arm-cavium06.shanghai.arm.com [10.169.206.120]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 20B393F694; Thu, 22 Jul 2021 19:22:55 -0700 (PDT) From: Richael Zhuang To: dev@dpdk.org Cc: richael.zhuang@arm.com, stable@dpdk.org, David Hunt Date: Fri, 23 Jul 2021 10:22:42 +0800 Message-Id: <20210723022242.8092-2-richael.zhuang@arm.com> X-Mailer: git-send-email 2.20.1 In-Reply-To: <20210723022242.8092-1-richael.zhuang@arm.com> References: <20210723021313.7085-2-richael.zhuang@arm.com> <20210723022242.8092-1-richael.zhuang@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Subject: [dpdk-stable] [PATCH v3 1/1] power: check freq count before filling the freqs array X-BeenThere: stable@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: patches for DPDK stable branches List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: stable-bounces@dpdk.org Sender: "stable" The freqs array size is RTE_MAX_LCORE_FREQS. Before filling the array with num_freqs elements, restrict the total num to RTE_MAX_LCORE_FREQS. This fix aims to fix the coverity scan issue like: Overrunning array "pi->freqs" of 256 bytes by passing it to a function which accesses it at byte offset 464. Coverity issue: 371913 Fixes: ef1cc88f1837 ("power: support cppc_cpufreq driver") Cc: richael.zhuang@arm.com Cc: stable@dpdk.org Signed-off-by: Richael Zhuang --- lib/power/power_cppc_cpufreq.c | 5 +++++ lib/power/power_pstate_cpufreq.c | 5 +++++ 2 files changed, 10 insertions(+) diff --git a/lib/power/power_cppc_cpufreq.c b/lib/power/power_cppc_cpufreq.c index e92973ab54..db63c2cc10 100644 --- a/lib/power/power_cppc_cpufreq.c +++ b/lib/power/power_cppc_cpufreq.c @@ -246,6 +246,11 @@ power_get_available_freqs(struct cppc_power_info *pi) pi->nominal_perf * UNIT_DIFF : pi->nominal_perf; num_freqs = (nominal_perf - scaling_min_freq) / BUS_FREQ + 1 + pi->turbo_available; + if (num_freqs >= RTE_MAX_LCORE_FREQS) { + RTE_LOG(ERR, POWER, "Too many available frequencies : %d\n", + num_freqs); + goto out; + } /* Generate the freq bucket array. */ for (i = 0, pi->nb_freqs = 0; i < num_freqs; i++) { diff --git a/lib/power/power_pstate_cpufreq.c b/lib/power/power_pstate_cpufreq.c index 3b607515fd..619090c8d1 100644 --- a/lib/power/power_pstate_cpufreq.c +++ b/lib/power/power_pstate_cpufreq.c @@ -419,6 +419,11 @@ power_get_available_freqs(struct pstate_power_info *pi) */ num_freqs = (base_max_freq - sys_min_freq) / BUS_FREQ + 1 + pi->turbo_available; + if (num_freqs >= RTE_MAX_LCORE_FREQS) { + RTE_LOG(ERR, POWER, "Too many available frequencies : %d\n", + num_freqs); + goto out; + } /* Generate the freq bucket array. * If turbo is available the freq bucket[0] value is base_max +1 -- 2.20.1