[dpdk-dev] [PATCH v2] eal: out-of-bounds write

Slawomir Mrozowicz slawomirx.mrozowicz at intel.com
Wed Apr 27 13:29:22 CEST 2016

Previous message: [dpdk-dev] [PATCH] mk: add build-time library directory to linker path
Next message: [dpdk-dev] [PATCH] lpm: unchecked return value
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Fix issue reported by Coverity.

Coverity ID 13282: Out-of-bounds write
overrun-local: Overrunning array mcfg->memseg of 256 44-byte elements
at element index 257 using index j.

Fixes: af75078fece3 ("first public release")

Signed-off-by: Slawomir Mrozowicz <slawomirx.mrozowicz at intel.com>
---
 lib/librte_eal/linuxapp/eal/eal_memory.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c
index 5b9132c..715bd52 100644
--- a/lib/librte_eal/linuxapp/eal/eal_memory.c
+++ b/lib/librte_eal/linuxapp/eal/eal_memory.c
@@ -1333,8 +1333,11 @@ rte_eal_hugepage_init(void)
 
 		if (new_memseg) {
 			j += 1;
-			if (j == RTE_MAX_MEMSEG)
+			if (j >= RTE_MAX_MEMSEG) {
+				RTE_LOG(ERR, EAL,
+					"Failed: memseg reached RTE_MAX_MEMSEG\n");
 				break;
+			}
 
 			mcfg->memseg[j].phys_addr = hugepage[i].physaddr;
 			mcfg->memseg[j].addr = hugepage[i].final_va;
-- 
1.9.1

Previous message: [dpdk-dev] [PATCH] mk: add build-time library directory to linker path
Next message: [dpdk-dev] [PATCH] lpm: unchecked return value
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list