[dpdk-dev] [PATCH] net/softnic: fix illegal memory access

Singh, Jasvinder jasvinder.singh at intel.com
Mon Jul 16 22:28:54 CEST 2018

Previous message: [dpdk-dev] [PATCH] net/softnic: fix illegal memory access
Next message: [dpdk-dev] [PATCH v2] net/ixgbe: fix missing NULL point check
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]


> -----Original Message-----
> From: dev [mailto:dev-bounces at dpdk.org] On Behalf Of Singh, Jasvinder
> Sent: Monday, July 16, 2018 6:26 PM
> To: Dumitrescu, Cristian <cristian.dumitrescu at intel.com>; dev at dpdk.org
> Subject: Re: [dpdk-dev] [PATCH] net/softnic: fix illegal memory access
> 
> 
> 
> > -----Original Message-----
> > From: Dumitrescu, Cristian
> > Sent: Monday, July 16, 2018 5:04 PM
> > To: Singh, Jasvinder <jasvinder.singh at intel.com>; dev at dpdk.org
> > Subject: RE: [PATCH] net/softnic: fix illegal memory access
> >
> >
> >
> > > -----Original Message-----
> > > From: Singh, Jasvinder
> > > Sent: Monday, July 16, 2018 1:42 PM
> > > To: dev at dpdk.org
> > > Cc: Dumitrescu, Cristian <cristian.dumitrescu at intel.com>
> > > Subject: [PATCH] net/softnic: fix illegal memory access
> > >
> > > Fix pointer dereferencing and read after free (USE_AFTER_FREE).
> > >
> > > Coverity issue: 302867
> > > Fixes: bef50bcb1c47 ("net/softnic: implement start and stop")
> > >
> > > Signed-off-by: Jasvinder Singh <jasvinder.singh at intel.com>
> > > ---
> > >  drivers/net/softnic/rte_eth_softnic_swq.c | 8 ++++++--
> > >  1 file changed, 6 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/drivers/net/softnic/rte_eth_softnic_swq.c
> > > b/drivers/net/softnic/rte_eth_softnic_swq.c
> > > index 1944fbb..604a2cc 100644
> > > --- a/drivers/net/softnic/rte_eth_softnic_swq.c
> > > +++ b/drivers/net/softnic/rte_eth_softnic_swq.c
> > > @@ -36,9 +36,13 @@ softnic_swq_free(struct pmd_internals *p)  void
> > > softnic_softnic_swq_free_keep_rxq_txq(struct pmd_internals *p)  {
> > > -	struct softnic_swq *swq;
> > > +	for ( ; ; ) {
> > > +		struct softnic_swq *swq;
> > > +
> > > +		swq = TAILQ_FIRST(&p->swq_list);
> > > +		if (swq == NULL)
> > > +			break;
> > >
> > > -	TAILQ_FOREACH(swq, &p->swq_list, node) {
> > >  		if ((strncmp(swq->name, "RXQ", strlen("RXQ")) == 0) ||
> > >  			(strncmp(swq->name, "TXQ", strlen("TXQ")) == 0))
> > >  			continue;
> > > --
 <snip>

Self NACK. Fix is incorrect. The infinite loop will never break due to non-empty swq_list.

Previous message: [dpdk-dev] [PATCH] net/softnic: fix illegal memory access
Next message: [dpdk-dev] [PATCH v2] net/ixgbe: fix missing NULL point check
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list