From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from dpdk.org (dpdk.org [92.243.14.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 8C7B9A0613
	for <public@inbox.dpdk.org>; Wed, 25 Sep 2019 07:52:22 +0200 (CEST)
Received: from [92.243.14.124] (localhost [127.0.0.1])
	by dpdk.org (Postfix) with ESMTP id 77E613195;
	Wed, 25 Sep 2019 07:52:20 +0200 (CEST)
Received: from mga12.intel.com (mga12.intel.com [192.55.52.136])
 by dpdk.org (Postfix) with ESMTP id 1ED5B2C37;
 Wed, 25 Sep 2019 07:52:17 +0200 (CEST)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from orsmga004.jf.intel.com ([10.7.209.38])
 by fmsmga106.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 24 Sep 2019 22:52:16 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.64,546,1559545200"; d="scan'208";a="340308551"
Received: from pgsmsx102.gar.corp.intel.com ([10.221.44.80])
 by orsmga004.jf.intel.com with ESMTP; 24 Sep 2019 22:52:15 -0700
Received: from pgsmsx106.gar.corp.intel.com (10.221.44.98) by
 PGSMSX102.gar.corp.intel.com (10.221.44.80) with Microsoft SMTP Server (TLS)
 id 14.3.439.0; Wed, 25 Sep 2019 13:46:53 +0800
Received: from pgsmsx102.gar.corp.intel.com ([169.254.6.203]) by
 PGSMSX106.gar.corp.intel.com ([169.254.9.23]) with mapi id 14.03.0439.000;
 Wed, 25 Sep 2019 13:46:53 +0800
From: "Gujjar, Abhinandan S" <abhinandan.gujjar@intel.com>
To: "Chaitanya Babu, TalluriX" <tallurix.chaitanya.babu@intel.com>,
 "dev@dpdk.org" <dev@dpdk.org>
CC: "Pattan, Reshma" <reshma.pattan@intel.com>, "Parthasarathy, JananeeX M"
 <jananeex.m.parthasarathy@intel.com>, "stable@dpdk.org" <stable@dpdk.org>
Thread-Topic: [PATCH] lib/eventdev: fix null pointer dereferences coverity
 issue
Thread-Index: AQHVb4KNSDkKwGrXLUqy795SBdjFXac76CgA
Date: Wed, 25 Sep 2019 05:46:53 +0000
Message-ID: <5612CB344B05EE4F95FC5B729939F78079549005@PGSMSX102.gar.corp.intel.com>
References: <1568963369-6449-1-git-send-email-tallurix.chaitanya.babu@intel.com>
In-Reply-To: <1568963369-6449-1-git-send-email-tallurix.chaitanya.babu@intel.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-ctpclassification: CTP_NT
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiZGEyOTFlNWItNWM2MS00ODZmLWJlMTItNzVjZTcwYzg2ODUxIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoidW1yUjR5cE9jUEFOaW5pd1hSYkhDa2g5V1ZCclhneE50M2prVDdZYWpZUlFtQ20wNGNOdE50dDFhMk5vTTIzcSJ9
dlp-product: dlpe-windows
dlp-version: 11.2.0.6
dlp-reaction: no-action
x-originating-ip: [172.30.20.206]
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Subject: Re: [dpdk-dev] [PATCH] lib/eventdev: fix null pointer dereferences
 coverity issue
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org
Sender: "dev" <dev-bounces@dpdk.org>

Please find the comments inline

> -----Original Message-----
> From: Chaitanya Babu, TalluriX
> Sent: Friday, September 20, 2019 12:39 PM
> To: dev@dpdk.org
> Cc: Pattan, Reshma <reshma.pattan@intel.com>; Parthasarathy, JananeeX M
> <jananeex.m.parthasarathy@intel.com>; Gujjar, Abhinandan S
> <abhinandan.gujjar@intel.com>; Chaitanya Babu, TalluriX
> <tallurix.chaitanya.babu@intel.com>; stable@dpdk.org
> Subject: [PATCH] lib/eventdev: fix null pointer dereferences coverity iss=
ue
>=20
> One issue caught by Coverity 340075
> *deref_ptr: Directly dereferencing pointer qp_info.
>=20
> In eca_enq_to_cryptodev() qp_info dereferenced without null check in both
> session and sessionless crypto ops.
>=20
> The fix is to access qp_info after null check.
>=20
> Coverity issue: 340075
> Fixes: 7901eac340 ("eventdev: add crypto adapter implementation")
> Cc: stable@dpdk.org
>=20
> Signed-off-by: Chaitanya Babu Talluri <tallurix.chaitanya.babu@intel.com>
> ---
>  lib/librte_eventdev/rte_event_crypto_adapter.c | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>=20
> diff --git a/lib/librte_eventdev/rte_event_crypto_adapter.c
> b/lib/librte_eventdev/rte_event_crypto_adapter.c
> index 22d910816..4f3f57348 100644
> --- a/lib/librte_eventdev/rte_event_crypto_adapter.c
> +++ b/lib/librte_eventdev/rte_event_crypto_adapter.c
> @@ -356,7 +356,7 @@ eca_enq_to_cryptodev(struct
> rte_event_crypto_adapter *adapter,
>  			cdev_id =3D m_data->request_info.cdev_id;
>  			qp_id =3D m_data->request_info.queue_pair_id;
>  			qp_info =3D &adapter->cdevs[cdev_id].qpairs[qp_id];
> -			if (!qp_info->qp_enabled) {
> +			if ((qp_info =3D=3D NULL) || (!qp_info->qp_enabled)) {
qp_info cannot be null as the memory allocation is done in=20
rte_event_crypto_adapter_queue_pair_add() -> eca_add_queue_pair().
Please refer line #736 which is allocating memory for "dev_info->dev->data-=
>nb_queue_pairs"

Without queue_pair_add(), service core cannot be started [Please look at ec=
a_init_service()].
This issue can be marked to ignore in klockworks.

>  				rte_pktmbuf_free(crypto_op->sym->m_src);
>  				rte_crypto_op_free(crypto_op);
>  				continue;
> @@ -372,7 +372,7 @@ eca_enq_to_cryptodev(struct
> rte_event_crypto_adapter *adapter,
>  			cdev_id =3D m_data->request_info.cdev_id;
>  			qp_id =3D m_data->request_info.queue_pair_id;
>  			qp_info =3D &adapter->cdevs[cdev_id].qpairs[qp_id];
> -			if (!qp_info->qp_enabled) {
> +			if ((qp_info =3D=3D NULL) || (!qp_info->qp_enabled)) {
>  				rte_pktmbuf_free(crypto_op->sym->m_src);
>  				rte_crypto_op_free(crypto_op);
>  				continue;
> --
> 2.17.2