[dpdk-dev] [PATCH 2/7] net/bnxt: fix uninitialized ptr access in transmit handler

[Ajit Khaparde]

From: Somnath Kotur <somnath.kotur at broadcom.com>

bnxt_start_xmit() was attempting to access an uninitialized ptr - txbd1
which would lead to segmentation fault.
Fix to initialize ptr to NULL and check for the same before access.

Fixes: f10258e39ec2 ("net/bnxt: fix HW Tx checksum offload check")
Cc: stable at broadcom.com

Signed-off-by: Somnath Kotur <somnath.kotur at broadcom.com>
Signed-off-by: Ajit Khaparde <ajit.khaparde at broadcom.com>
---
 drivers/net/bnxt/bnxt_txr.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/drivers/net/bnxt/bnxt_txr.c b/drivers/net/bnxt/bnxt_txr.c
index 67bb35e06..39be7bdfa 100644
--- a/drivers/net/bnxt/bnxt_txr.c
+++ b/drivers/net/bnxt/bnxt_txr.c
@@ -120,7 +120,7 @@ static uint16_t bnxt_start_xmit(struct rte_mbuf *tx_pkt,
 {
 	struct bnxt_tx_ring_info *txr = txq->tx_ring;
 	struct tx_bd_long *txbd;
-	struct tx_bd_long_hi *txbd1;
+	struct tx_bd_long_hi *txbd1 = NULL;
 	uint32_t vlan_tag_flags, cfa_action;
 	bool long_bd = false;
 	uint16_t last_prod = 0;
@@ -295,7 +295,8 @@ static uint16_t bnxt_start_xmit(struct rte_mbuf *tx_pkt,
 	}
 
 	txbd->flags_type |= TX_BD_LONG_FLAGS_PACKET_END;
-	txbd1->lflags = rte_cpu_to_le_32(txbd1->lflags);
+	if (txbd1)
+		txbd1->lflags = rte_cpu_to_le_32(txbd1->lflags);
 
 	txr->tx_prod = RING_NEXT(txr->tx_ring_struct, txr->tx_prod);
 
-- 
2.15.2 (Apple Git-101.1)