[dpdk-dev] [PATCH v5] eal: out-of-bounds write

Slawomir Mrozowicz slawomirx.mrozowicz at intel.com
Thu Jun 16 16:52:18 CEST 2016

Previous message: [dpdk-dev] [PATCH v3 17/17] ethdev: get rid of device type
Next message: [dpdk-dev] [PATCH v5] eal: out-of-bounds write
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Overrunning array mcfg->memseg of 256 44-byte elements
at element index 257 using index j.
Fixed by add condition with message information.

Fixes: af75078fece3 ("first public release")
Coverity ID 13282

Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz at intel.com>
---
v5:
- update message
v4:
- remove check condition from loop
v3:
- add check condition inside and outside the loop
v2:
- add message information
---
 lib/librte_eal/linuxapp/eal/eal_memory.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c
index 5b9132c..ffe069c 100644
--- a/lib/librte_eal/linuxapp/eal/eal_memory.c
+++ b/lib/librte_eal/linuxapp/eal/eal_memory.c
@@ -1301,6 +1301,14 @@ rte_eal_hugepage_init(void)
 			break;
 		}
 
+	if (j >= RTE_MAX_MEMSEG) {
+		RTE_LOG(ERR, EAL,
+			"All memory segments exhausted by IVSHMEM. "
+			"Try recompiling with larger RTE_MAX_MEMSEG "
+			"then current %d\n", RTE_MAX_MEMSEG);
+		return -ENOMEM;
+	}
+
 	for (i = 0; i < nr_hugefiles; i++) {
 		new_memseg = 0;
 
-- 
1.9.1

Previous message: [dpdk-dev] [PATCH v3 17/17] ethdev: get rid of device type
Next message: [dpdk-dev] [PATCH v5] eal: out-of-bounds write
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list