From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 98D4DA0544; Mon, 10 Oct 2022 17:31:21 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 8AC6A427F6; Mon, 10 Oct 2022 17:31:21 +0200 (CEST) Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) by mails.dpdk.org (Postfix) with ESMTP id 2497A4021E for ; Mon, 10 Oct 2022 17:31:20 +0200 (CEST) Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.nyi.internal (Postfix) with ESMTP id D23525C0130; Mon, 10 Oct 2022 11:31:19 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Mon, 10 Oct 2022 11:31:19 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=monjalon.net; h= cc:cc:content-transfer-encoding:content-type:date:date:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to; s=fm3; t=1665415879; x= 1665502279; bh=BPVEglEYXgJySxYIlvlUAoHkjTYV5m+sP9FUXIJTit0=; b=z MxlZyWahK8sHy9+mS5lGW7iE7732gCCCsaaO0PEfX2jNu3x1aIMQXswyKewTlpV+ n9nXaQ9GVUA8A4qPXcf5RFbq1q8iNfCU0+oy+dZ5AJ70OXIvCgwmuD4S0458EZpJ SbCpi/kVGVL+Mni2PWQFiAR0+Q3ZQp9MON0TkyxoNnQhk/nzom5L7BeJphsTOkrS jqCmbKHXvNhHhzATnynF0eAfNtx33pKLjoem5PscfZLEhhOMAcRW8CX7ln+33LjD /GC7mKPfj/rcfM/YH1KyGf5VcdpuRNsSigJ5Lk1krw6tNT88bqK8QhvKWNNWshMc /dF71PFXdwTpswXq5/+Hw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:date:date:feedback-id:feedback-id:from:from :in-reply-to:in-reply-to:message-id:mime-version:references :reply-to:sender:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1665415879; x= 1665502279; bh=BPVEglEYXgJySxYIlvlUAoHkjTYV5m+sP9FUXIJTit0=; b=J TxPOxt+dtvFATMAKpy9MRCIJEIZTFpo7Y6EcKwRA7Rxb5o7+W93GAyUGhZ3+/DFG U5HYWMfmoT9E+FqvowdXarp7laBAiO153jWoF0fv1yghWxiICj0YMleJN7yUB3x0 dm05n2ew50VcQrzPt3PFYnvWPmzf8aNTwcLrdJSnL38AR60T31ME0ko7jGDVka3g IWoqkLbaLgg2VUMeukL7ubPXhkdoQbEj5873HCsgFTma3ef4xkAFVeukl4BfJNhA m3s59FlSXiSOIE+r5DZpCRGB/ZsfJ879ufF85x6UJGkChBjMcsWotq91I5LcIrPS TE1quDlK3uFZozZFuC+2g== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvfedrfeejgedgkeegucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne cujfgurhephffvvefufffkjghfggfgtgesthfuredttddtvdenucfhrhhomhepvfhhohhm rghsucfoohhnjhgrlhhonhcuoehthhhomhgrshesmhhonhhjrghlohhnrdhnvghtqeenuc ggtffrrghtthgvrhhnpedtjeeiieefhedtfffgvdelteeufeefheeujefgueetfedttdei kefgkeduhedtgfenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfh hrohhmpehthhhomhgrshesmhhonhhjrghlohhnrdhnvght X-ME-Proxy: Feedback-ID: i47234305:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 10 Oct 2022 11:31:18 -0400 (EDT) From: Thomas Monjalon To: Zhirun Yan , Jerin Jacob Kollanukkaran Cc: "dev@dpdk.org" , Kiran Kumar Kokkilagadda , Cunming Liang Subject: Re: [EXT] [PATCH v2] graph: fix out of bounds access when re-allocate node objs Date: Mon, 10 Oct 2022 17:31:17 +0200 Message-ID: <12812360.EVyyLHbfrO@thomas> In-Reply-To: References: <20220727023924.2066465-1-zhirun.yan@intel.com> <20220804060241.1581110-1-zhirun.yan@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org > > For __rte_node_enqueue_prologue(), If the number of objs is more than the > > node->size * 2, the extra objs will write out of bounds memory. > > It should use __rte_node_stream_alloc_size() to request enough memory. > > > > And for rte_node_next_stream_put(), it will re-allocate a small size, when the > > node free space is small and new objs is less than the current > > node->size. Some objs pointers behind new size may be lost. And it will > > cause memory leak. It should request enough size of memory, containing the > > original objs and new objs at least. > > > > Fixes: 40d4f51403ec ("graph: implement fastpath routines") > > > > Signed-off-by: Zhirun Yan > > Signed-off-by: Cunming Liang > > Acked-by: Jerin Jacob Applied, thanks.