[dpdk-dev] [PATCH 2/7] net/bnxt: fix uninitialized ptr access in transmit handler
Ajit Khaparde
ajit.khaparde at broadcom.com
Sat Sep 1 06:32:49 CEST 2018
From: Somnath Kotur <somnath.kotur at broadcom.com>
bnxt_start_xmit() was attempting to access an uninitialized ptr - txbd1
which would lead to segmentation fault.
Fix to initialize ptr to NULL and check for the same before access.
Fixes: f10258e39ec2 ("net/bnxt: fix HW Tx checksum offload check")
Cc: stable at broadcom.com
Signed-off-by: Somnath Kotur <somnath.kotur at broadcom.com>
Signed-off-by: Ajit Khaparde <ajit.khaparde at broadcom.com>
---
drivers/net/bnxt/bnxt_txr.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/drivers/net/bnxt/bnxt_txr.c b/drivers/net/bnxt/bnxt_txr.c
index 67bb35e06..39be7bdfa 100644
--- a/drivers/net/bnxt/bnxt_txr.c
+++ b/drivers/net/bnxt/bnxt_txr.c
@@ -120,7 +120,7 @@ static uint16_t bnxt_start_xmit(struct rte_mbuf *tx_pkt,
{
struct bnxt_tx_ring_info *txr = txq->tx_ring;
struct tx_bd_long *txbd;
- struct tx_bd_long_hi *txbd1;
+ struct tx_bd_long_hi *txbd1 = NULL;
uint32_t vlan_tag_flags, cfa_action;
bool long_bd = false;
uint16_t last_prod = 0;
@@ -295,7 +295,8 @@ static uint16_t bnxt_start_xmit(struct rte_mbuf *tx_pkt,
}
txbd->flags_type |= TX_BD_LONG_FLAGS_PACKET_END;
- txbd1->lflags = rte_cpu_to_le_32(txbd1->lflags);
+ if (txbd1)
+ txbd1->lflags = rte_cpu_to_le_32(txbd1->lflags);
txr->tx_prod = RING_NEXT(txr->tx_ring_struct, txr->tx_prod);
--
2.15.2 (Apple Git-101.1)
More information about the dev
mailing list