[dpdk-dev] [PATCH 1/2] graph: fix memory leak

David Marchand david.marchand at redhat.com
Tue May 4 16:15:51 CEST 2021


On Thu, Apr 22, 2021 at 1:52 PM Min Hu (Connor) <humin29 at huawei.com> wrote:
>
> From: HongBo Zheng <zhenghongbo3 at huawei.com>
>
> Fix function 'stats_mem_populate' return without
> free dynamic memory referenced by 'stats'.
>
> Fixes: af1ae8b6a32c ("graph: implement stats")
> Cc: stable at dpdk.org
>
> Signed-off-by: HongBo Zheng <zhenghongbo3 at huawei.com>
> Signed-off-by: Min Hu (Connor) <humin29 at huawei.com>
> ---
>  lib/librte_graph/graph_stats.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/lib/librte_graph/graph_stats.c b/lib/librte_graph/graph_stats.c
> index 125e08d..f698bb3 100644
> --- a/lib/librte_graph/graph_stats.c
> +++ b/lib/librte_graph/graph_stats.c
> @@ -174,7 +174,7 @@ stats_mem_populate(struct rte_graph_cluster_stats **stats_in,
>         cluster->stat.hz = rte_get_timer_hz();
>         node = graph_node_id_to_ptr(graph, id);
>         if (node == NULL)
> -               SET_ERR_JMP(ENOENT, err, "Failed to find node %s in graph %s",
> +               SET_ERR_JMP(ENOENT, free, "Failed to find node %s in graph %s",
>                             graph_node->node->name, graph->name);
>         cluster->nodes[cluster->nb_nodes++] = node;
>
> @@ -183,6 +183,8 @@ stats_mem_populate(struct rte_graph_cluster_stats **stats_in,
>         *stats_in = stats;
>
>         return 0;
> +free:
> +       free(stats);
>  err:
>         return -rte_errno;
>  }

We have a double free with this change.

If realloc on stats returns the same location, but node lookup fails,
stats_in is left untouched and still points at the original stats
location.
This location is then freed in the free: label, and later is freed in
stats_mem_fini() from caller.


-- 
David Marchand



More information about the dev mailing list