From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-pa0-f53.google.com (mail-pa0-f53.google.com [209.85.220.53]) by dpdk.org (Postfix) with ESMTP id 1A5DD2BAB for ; Fri, 4 Mar 2016 23:41:59 +0100 (CET) Received: by mail-pa0-f53.google.com with SMTP id fi3so39916776pac.3 for ; Fri, 04 Mar 2016 14:41:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=networkplumber-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=L3X0HInnMB8hKVgbEsHNFsp8F7mcRigzgEIsBmhGx+4=; b=B/iLzGELGZKV1Xf9DJzv038BkPp+09hMELafXpkRYZrXitmua92k4wnBDq5uyK0y3j lsFyvtsf8soK97Jx6QewtXzaKuBgpxWBEjKalKXA3va5zS+5msuUPinj+C48mcAkKEXS 2VkmLIXrnBilYvucUKsuD3MaGz1YZy7Hks2Qpb6r1zpPEjapWsw69emXkIvpWj7mQ0Lj h7fI+x3TLvdBROteo32YNHp2pcjTPoY8JPIbTL9SScedyVWwS/62mBSjl6PMl9QIMfPJ yAD92w578xOBZzFPULmP/QLbWihnYR6HUGhHeP30a0fx7i8spT+q3X+guFqt7yXg+5Xm r1GQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:date:from:to:cc:subject:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=L3X0HInnMB8hKVgbEsHNFsp8F7mcRigzgEIsBmhGx+4=; b=fDip0yEQsdvyQzsQU5E70Yj5UEiwqemiU95px4WRQlmOe+4dVMJINseLR6Qj8DyROG LjD0QfgMXol8X42eV7fyUgeMPQR2tIzWeG4E7YhiexYx+j3CNBQ42trNMlbWkuJj25eR vFc2KYWvs1xmEENj2sq985B3Fj3wr/zhBWiWeo3ZLEMO/tR3p45Uc3J8tCfISRKrmoIn 0o9K6BabdH+U5/GuNCj6xLC3JwxQzS5YJXeZy1YO8adeetz/93hTFRvQyONe+stZVBWA MlbyfAdQHFesICVQ11MnERQ9KVU7Bjs/CIiIJoIHqAZqUqq2gYWoE76/mcLm6qP4WJD3 +yWQ== X-Gm-Message-State: AD7BkJL/qtu5B800o6oJZgn2WJhWtDz4Kkyjg+ZYkg9wwTGciNBrXLslun2+V6zYdYljVQ== X-Received: by 10.66.90.136 with SMTP id bw8mr15721474pab.52.1457131318516; Fri, 04 Mar 2016 14:41:58 -0800 (PST) Received: from xeon-e3 (static-50-53-82-155.bvtn.or.frontiernet.net. [50.53.82.155]) by smtp.gmail.com with ESMTPSA id fk9sm7796350pad.9.2016.03.04.14.41.57 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 04 Mar 2016 14:41:58 -0800 (PST) Date: Fri, 4 Mar 2016 14:42:11 -0800 From: Stephen Hemminger To: Christian Ehrhardt Message-ID: <20160304144211.7d8512c9@xeon-e3> In-Reply-To: <1457087480-11216-1-git-send-email-christian.ehrhardt@canonical.com> References: <1457087480-11216-1-git-send-email-christian.ehrhardt@canonical.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: dev@dpdk.org Subject: Re: [dpdk-dev] [PATCH] lpm6: fix use after free of lpm in rte_lpm6_create X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Mar 2016 22:41:59 -0000 On Fri, 4 Mar 2016 11:31:20 +0100 Christian Ehrhardt wrote: > In certain autotests lpm->max_rules turned out to be non initialized. > That was caused by a failing allocation for lpm->rules_tbl in rte_lpm6_create. > It then left the function via goto exit with lpm freed, but still a pointer > value being set. > > In case of an allocation failure it resets lpm to NULL now, to avoid the > upper layers operate on that already freed memory. > Along that is also makes the RTE_LOG message of the failed allocation unique. > --- > lib/librte_lpm/rte_lpm6.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/lib/librte_lpm/rte_lpm6.c b/lib/librte_lpm/rte_lpm6.c > index 6c2b293..48931cc 100644 > --- a/lib/librte_lpm/rte_lpm6.c > +++ b/lib/librte_lpm/rte_lpm6.c > @@ -206,8 +206,9 @@ rte_lpm6_create(const char *name, int socket_id, > (size_t)rules_size, RTE_CACHE_LINE_SIZE, socket_id); > > if (lpm->rules_tbl == NULL) { > - RTE_LOG(ERR, LPM, "LPM memory allocation failed\n"); > + RTE_LOG(ERR, LPM, "LPM rules_tbl allocation failed\n"); > rte_free(lpm); > + lpm = NULL; > rte_free(te); > goto exit; > } Acked-by: Stephen Hemminger