From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id C9EF3A00C3; Wed, 15 Dec 2021 09:01:18 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id B32B3410D5; Wed, 15 Dec 2021 09:01:18 +0100 (CET) Received: from sender11-of-o51.zoho.eu (sender11-of-o51.zoho.eu [31.186.226.237]) by mails.dpdk.org (Postfix) with ESMTP id EC40640DFD; Wed, 15 Dec 2021 09:01:16 +0100 (CET) ARC-Seal: i=1; a=rsa-sha256; t=1639555274; cv=none; d=zohomail.eu; s=zohoarc; b=FJnwwU6I/aoIDBrWCBzeVhJNDsFtAqC6BacxVZOxnZ8JFb1WiyK4WknkDDrOMb4SbqvTm0KwGUiXUSpiX8xrJu6a+VQThkjk/MY5Apa9J+75evJiCX4KK4xWnBZq4ptyfkCf+69ojoiw1og0fH+rohsqO46Q+/WdQUqQkQlVrMo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.eu; s=zohoarc; t=1639555274; h=Content-Type:Cc:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To; bh=1jv8z5dbTF9S4m8zvAqeb04z3VeoKDy6EHyY8Z8V7W8=; b=Uucyf1PmMYJE+UK24W8WMBiMFUDZh9xCl8Weu8+q8UaLbcWHe9+v1n4yvGFe6D5XSCo/B1pOBQg+Q09A8eVY92aLPdh3CdNeW0QSL6Aq7/gBJHuHsEwNI/04bWZwXwpKuijks4AiZDW0OYmA3ZymA445jNSUA8CkeNF51Ltw1M4= ARC-Authentication-Results: i=1; mx.zohomail.eu; spf=pass smtp.mailfrom=liangma@liangbit.com; dmarc=pass header.from= Received: from C02GF04TMD6V (cpc145956-finc19-2-0-cust124.4-2.cable.virginm.net [82.25.6.125]) by mx.zoho.eu with SMTPS id 1639555270129459.2823755752421; Wed, 15 Dec 2021 09:01:10 +0100 (CET) Date: Wed, 15 Dec 2021 08:01:07 +0000 From: Liang Ma To: Zhihong Wang Cc: konstantin.ananyev@intel.com, honnappa.nagarahalli@arm.com, dev@dpdk.org, stable@dpdk.org Subject: Re: [PATCH] ring: fix overflow in memory size calcuation Message-ID: References: <20211214033016.29927-1-wangzhihong.wzh@bytedance.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20211214033016.29927-1-wangzhihong.wzh@bytedance.com> X-ZohoMailClient: External X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org On Tue, Dec 14, 2021 at 11:30:16AM +0800, Zhihong Wang wrote: > Parameters count and esize are both unsigned int, and their product can > legally exceed unsigned int and lead to runtime access violation. > > Fixes: cc4b218790f6 ("ring: support configurable element size") > Cc: stable@dpdk.org > > Signed-off-by: Zhihong Wang > --- > lib/ring/rte_ring.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/lib/ring/rte_ring.c b/lib/ring/rte_ring.c > index f17bd966be..d1b80597af 100644 > --- a/lib/ring/rte_ring.c > +++ b/lib/ring/rte_ring.c > @@ -75,7 +75,7 @@ rte_ring_get_memsize_elem(unsigned int esize, unsigned int count) > return -EINVAL; > } > > - sz = sizeof(struct rte_ring) + count * esize; > + sz = sizeof(struct rte_ring) + (ssize_t)count * esize; > sz = RTE_ALIGN(sz, RTE_CACHE_LINE_SIZE); > return sz; > } > -- > 2.11.0 > Reviewed-by Liang Ma