From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by dpdk.org (Postfix) with ESMTP id ACB622BD5; Tue, 27 Nov 2018 10:46:00 +0100 (CET) X-Amp-Result: UNKNOWN X-Amp-Original-Verdict: FILE UNKNOWN X-Amp-File-Uploaded: False Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 27 Nov 2018 01:45:59 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.56,286,1539673200"; d="scan'208";a="114057934" Received: from btwcube1.sh.intel.com (HELO debian) ([10.67.104.173]) by fmsmga001.fm.intel.com with ESMTP; 27 Nov 2018 01:45:58 -0800 Date: Tue, 27 Nov 2018 17:44:10 +0800 From: Tiwei Bie To: Maxime Coquelin Cc: dev@dpdk.org, zhihong.wang@intel.com, jfreimann@redhat.com, stable@dpdk.org Message-ID: <20181127094409.GA20896@debian> References: <20181127092325.25758-1-maxime.coquelin@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <20181127092325.25758-1-maxime.coquelin@redhat.com> User-Agent: Mutt/1.10.1 (2018-07-13) Subject: Re: [dpdk-dev] [PATCH] vhost: fix possible null pointer dereferencing X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Nov 2018 09:46:01 -0000 On Tue, Nov 27, 2018 at 10:23:25AM +0100, Maxime Coquelin wrote: > If mmap() call fails in vhost_user_set_mem_table, dev->mem > is set to NULL. If later, qva_to_vva() is called, a segfault > occurs. > > Fixes: 8f972312b8f4 ("vhost: support vhost-user") > Cc: stable@dpdk.org > > Signed-off-by: Maxime Coquelin > --- > lib/librte_vhost/vhost_user.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/lib/librte_vhost/vhost_user.c b/lib/librte_vhost/vhost_user.c > index 3ea64eba6..c44fef9cc 100644 > --- a/lib/librte_vhost/vhost_user.c > +++ b/lib/librte_vhost/vhost_user.c > @@ -489,6 +489,9 @@ qva_to_vva(struct virtio_net *dev, uint64_t qva, uint64_t *len) > struct rte_vhost_mem_region *r; > uint32_t i; > > + if (unlikely(!dev || !dev->mem)) > + return 0; Better to also zero *len. Reviewed-by: Tiwei Bie > + > /* Find the region where the address lives. */ > for (i = 0; i < dev->mem->nregions; i++) { > r = &dev->mem->regions[i]; > -- > 2.17.2 >