DPDK patches and discussions
From: Jerin Jacob <jerinjacobk@gmail.com>
To: Wenwu Ma <wenwux.ma@intel.com>
Cc: Olivier Matz <olivier.matz@6wind.com>, dpdk-dev <dev@dpdk.org>
Subject: Re: [dpdk-dev] [PATCH] mbuf: Fix illegal pointer access to mempool members
Date: Wed, 31 Mar 2021 12:42:34 +0530
Message-ID: <CALBAE1PrW3=F84mYG+ciQ=2fNNsnx_MQYmMQ6qGy=vM1565ghA@mail.gmail.com>
In-Reply-To: <20210331134319.3035-1-wenwux.ma@intel.com>

On Wed, Mar 31, 2021 at 7:19 AM Wenwu Ma <wenwux.ma@intel.com> wrote:
>
> Before accessing the private data of mempool in
> function rte_pktmbuf_priv_size() and rte_pktmbuf_data_room_size(),
> it is necessary to determine whether the private data exists,
> otherwise it will cause null pointer access.
>
> Signed-off-by: Wenwu Ma <wenwux.ma@intel.com>
> ---
>  lib/librte_mbuf/rte_mbuf.h | 6 ++++++
>  1 file changed, 6 insertions(+)
>
> diff --git a/lib/librte_mbuf/rte_mbuf.h b/lib/librte_mbuf/rte_mbuf.h
> index c4c9ebfaa..6c2559550 100644
> --- a/lib/librte_mbuf/rte_mbuf.h
> +++ b/lib/librte_mbuf/rte_mbuf.h
> @@ -811,6 +811,9 @@ rte_pktmbuf_data_room_size(struct rte_mempool *mp)
>  {
>         struct rte_pktmbuf_pool_private *mbp_priv;
>
> +       if (mp->private_data_size < sizeof(struct rte_pktmbuf_pool_private))
> +               return 0;

If mp->private_data_size is updated in the slow path at mempool create
time, why not have this sanity check in the slow path?


> +
>         mbp_priv = (struct rte_pktmbuf_pool_private *)rte_mempool_get_priv(mp);
>         return mbp_priv->mbuf_data_room_size;
>  }
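
Review bot: the early "return 0" added at the top of rte_pktmbuf_data_room_size() cannot be told apart from a pool whose mbuf_data_room_size is really 0, so a caller that passes a mempool without pktmbuf private data gets a plausible value instead of an error. If the 0-on-mismatch result is intended, state it in the function's doc comment; otherwise, as the reply above asks, validate private_data_size once where the pool is created and leave this per-packet accessor free of the extra branch.
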
> @@ -832,6 +835,9 @@ rte_pktmbuf_priv_size(struct rte_mempool *mp)
>  {
>         struct rte_pktmbuf_pool_private *mbp_priv;
>
> +       if (mp->private_data_size < sizeof(struct rte_pktmbuf_pool_private))
> +               return 0;
> +
>         mbp_priv = (struct rte_pktmbuf_pool_private *)rte_mempool_get_priv(mp);
>         return mbp_priv->mbuf_priv_size;
>  }
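
Review bot: the comparison "mp->private_data_size < sizeof(struct rte_pktmbuf_pool_private)" in rte_pktmbuf_priv_size() only shows that the private area is large enough, not that it holds a struct rte_pktmbuf_pool_private; a pool with a larger, unrelated private area passes the check and the cast below still reads mbuf_priv_size out of it. The condition is also a verbatim copy of the one in rte_pktmbuf_data_room_size(), so consider one shared inline helper that both accessors call, which keeps the two checks from drifting apart.
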
> --
> 2.25.1
>
