[dpdk-dev] [PATCH 09/10] mem: fix negative return value

Anatoly Burakov anatoly.burakov at intel.com
Tue Apr 17 17:50:16 CEST 2018

Previous message: [dpdk-dev] [PATCH 08/10] mem: fix statement having no effect
Next message: [dpdk-dev] [PATCH 10/10] mem: fix possible use-after-free
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Although unlikely during normal operation, rte_socket_id_by_idx()
may return a negative value, which would've caused an out-of-bounds
read. Fix it by making socket ID signed, and check for negative
return.

Coverity issue: 272577
Coverity issue: 272578

Fixes: 66cc45e293ed ("mem: replace memseg with memseg lists")
Cc: anatoly.burakov at intel.com

Signed-off-by: Anatoly Burakov <anatoly.burakov at intel.com>
---
 lib/librte_eal/common/eal_common_memory.c | 17 ++++++++++++++---
 1 file changed, 14 insertions(+), 3 deletions(-)

diff --git a/lib/librte_eal/common/eal_common_memory.c b/lib/librte_eal/common/eal_common_memory.c
index 24a9ed5..68fc70e 100644
--- a/lib/librte_eal/common/eal_common_memory.c
+++ b/lib/librte_eal/common/eal_common_memory.c
@@ -205,7 +205,8 @@ memseg_primary_init_32(void)
 {
 	struct rte_mem_config *mcfg = rte_eal_get_configuration()->mem_config;
 	int active_sockets, hpi_idx, msl_idx = 0;
-	unsigned int socket_id, i;
+	unsigned int i;
+	int socket_id;
 	struct rte_memseg_list *msl;
 	uint64_t extra_mem_per_socket, total_extra_mem, total_requested_mem;
 	uint64_t max_mem;
@@ -238,6 +239,11 @@ memseg_primary_init_32(void)
 			uint64_t mem;
 
 			socket_id = rte_socket_id_by_idx(i);
+			if (socket_id < 0) {
+				RTE_LOG(ERR, EAL, "Invalid socket index: %u\n",
+						i);
+				continue;
+			}
 			mem = internal_config.socket_mem[socket_id];
 
 			if (mem == 0)
@@ -281,6 +287,10 @@ memseg_primary_init_32(void)
 		bool skip;
 
 		socket_id = rte_socket_id_by_idx(i);
+		if (socket_id < 0) {
+			RTE_LOG(ERR, EAL, "Invalid socket index: %u\n", i);
+			continue;
+		}
 
 #ifndef RTE_EAL_NUMA_AWARE_HUGEPAGES
 		if (socket_id > 0)
@@ -294,10 +304,11 @@ memseg_primary_init_32(void)
 		 * socket, and this is not master lcore
 		 */
 		master_lcore_socket = rte_lcore_to_socket_id(cfg->master_lcore);
-		skip |= active_sockets == 0 && socket_id != master_lcore_socket;
+		skip |= active_sockets == 0 &&
+				(unsigned int)socket_id != master_lcore_socket;
 
 		if (skip) {
-			RTE_LOG(DEBUG, EAL, "Will not preallocate memory on socket %u\n",
+			RTE_LOG(DEBUG, EAL, "Will not preallocate memory on socket %i\n",
 					socket_id);
 			continue;
 		}
-- 
2.7.4

Previous message: [dpdk-dev] [PATCH 08/10] mem: fix statement having no effect
Next message: [dpdk-dev] [PATCH 10/10] mem: fix possible use-after-free
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list