[dpdk-dev] [PATCH] vfio: fix array bounds check

Alejandro Lucero alejandro.lucero at netronome.com
Fri May 12 12:18:25 CEST 2017


Checking against VFIO_MAX_GROUPS goes beyond the maximum array
index which should be (VFIO_MAX_GROUPS - 1).

Fixes: 94c0776b1bad("support hotplug")
Coverity issue: 144555
Coverity issue: 144556
Coverity issue: 144557

Signed-off-by: Alejandro Lucero <alejandro.lucero at netronome.com>
---
 lib/librte_eal/linuxapp/eal/eal_vfio.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/librte_eal/linuxapp/eal/eal_vfio.c b/lib/librte_eal/linuxapp/eal/eal_vfio.c
index 5486dca..4816afc 100644
--- a/lib/librte_eal/linuxapp/eal/eal_vfio.c
+++ b/lib/librte_eal/linuxapp/eal/eal_vfio.c
@@ -189,7 +189,7 @@
 	int i;
 
 	i = get_vfio_group_idx(vfio_group_fd);
-	if (i < 0 || i > VFIO_MAX_GROUPS)
+	if (i < 0 || i > (VFIO_MAX_GROUPS - 1))
 		RTE_LOG(ERR, EAL, "  wrong vfio_group index (%d)\n", i);
 	else
 		vfio_cfg.vfio_groups[i].devices++;
@@ -201,7 +201,7 @@
 	int i;
 
 	i = get_vfio_group_idx(vfio_group_fd);
-	if (i < 0 || i > VFIO_MAX_GROUPS)
+	if (i < 0 || i > (VFIO_MAX_GROUPS - 1))
 		RTE_LOG(ERR, EAL, "  wrong vfio_group index (%d)\n", i);
 	else
 		vfio_cfg.vfio_groups[i].devices--;
@@ -213,7 +213,7 @@
 	int i;
 
 	i = get_vfio_group_idx(vfio_group_fd);
-	if (i < 0 || i > VFIO_MAX_GROUPS) {
+	if (i < 0 || i > (VFIO_MAX_GROUPS - 1)) {
 		RTE_LOG(ERR, EAL, "  wrong vfio_group index (%d)\n", i);
 		return -1;
 	}
-- 
1.9.1



More information about the dev mailing list