[DPDK/other Bug 1893] Possible memory leak in ipv4_frag_reassemble

bugzilla at dpdk.org bugzilla at dpdk.org
Mon Feb 23 06:42:04 CET 2026

Previous message (by thread): [RFC] test/eal_flags: suppress vdev_netvsc auto-probe
Next message (by thread): [PATCH] mempool: introduce statistics reset function
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

http://bugs.dpdk.org/show_bug.cgi?id=1893

            Bug ID: 1893
           Summary: Possible memory leak in ipv4_frag_reassemble
           Product: DPDK
           Version: unspecified
          Hardware: All
                OS: All
            Status: UNCONFIRMED
          Severity: critical
          Priority: Normal
         Component: other
          Assignee: dev at dpdk.org
          Reporter: albe19021990 at gmail.com
  Target Milestone: ---

In current ipv4_frag_reassemble version in case of invalid data memory leak is
possibble.

On every success packet search we remove mbuf from fp

https://github.com/DPDK/dpdk/blob/main/lib/ip_frag/rte_ipv4_reassembly.c#L48

and link it to result mbuf.

https://github.com/DPDK/dpdk/blob/main/lib/ip_frag/rte_ipv4_reassembly.c#L45

If for some reason on some fail iteration there will be invalid offset in some
packet 

https://github.com/DPDK/dpdk/blob/main/lib/ip_frag/rte_ipv4_reassembly.c#L59

we will return NULL and all information chaned to m mbuf will be lost, as this
information was also deleted from fp.

So using fragmentation some client can create DDOS attack.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Previous message (by thread): [RFC] test/eal_flags: suppress vdev_netvsc auto-probe
Next message (by thread): [PATCH] mempool: introduce statistics reset function
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list