[dpdk-dev] [PATCH v3 9/9] mem: fix possible use-after-free

Bruce Richardson bruce.richardson at intel.com
Fri Apr 27 17:45:55 CEST 2018


On Wed, Apr 25, 2018 at 10:56:47AM +0100, Anatoly Burakov wrote:
> If user has specified a flag to unmap the area right after mapping it,
> we were passing an already-unmapped pointer to RTE_LOG. This is not an
> issue since RTE_LOG doesn't actually dereference the pointer, but fix
> it anyway by moving call to RTE_LOG to before unmap.
> 
> Coverity issue: 272584
> 
> Fixes: b7cc54187ea4 ("mem: move virtual area function in common directory")
> Cc: anatoly.burakov at intel.com
> 
> Signed-off-by: Anatoly Burakov <anatoly.burakov at intel.com>
> ---
>  lib/librte_eal/common/eal_common_memory.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)
> 
> diff --git a/lib/librte_eal/common/eal_common_memory.c b/lib/librte_eal/common/eal_common_memory.c
> index 24a9ed5..3e30c58 100644
> --- a/lib/librte_eal/common/eal_common_memory.c
> +++ b/lib/librte_eal/common/eal_common_memory.c
> @@ -113,12 +113,12 @@ eal_get_virtual_area(void *requested_addr, size_t *size,
>  		RTE_LOG(WARNING, EAL, "   This may cause issues with mapping memory into secondary processes\n");
>  	}
>  
> -	if (unmap)
> -		munmap(mapped_addr, map_sz);
> -
>  	RTE_LOG(DEBUG, EAL, "Virtual area found at %p (size = 0x%zx)\n",
>  		aligned_addr, *size);
>  
> +	if (unmap)
> +		munmap(mapped_addr, map_sz);
> +
>  	baseaddr_offset += *size;
>  
>  	return aligned_addr;
Acked-by: Bruce Richardson <bruce.richardson at intel.com>



More information about the dev mailing list