[PATCH v2] trace: fix out of bounds write in __rte_trace_mem_get

Oleksandr Nahnybida oleksandrn at interfacemasters.com
Thu Apr 24 19:08:18 CEST 2025

Previous message (by thread): [PATCH] trace: fix out of bounds write in __rte_trace_mem_get
Next message (by thread): [EXTERNAL] [PATCH v2] trace: fix out of bounds write in __rte_trace_mem_get
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Offset should be aligned first before checking if there is free space for
another write.

Bugzilla ID: 1665
Fixes: 032a7e5499a0 ("trace: implement provider payload")

Signed-off-by: Oleksandr Nahnybida <oleksandrn at interfacemasters.com>
---
Specified correct "Fixes" commit.

 lib/eal/include/rte_trace_point.h | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/lib/eal/include/rte_trace_point.h b/lib/eal/include/rte_trace_point.h
index 8a317d31d2..343e0271b3 100644
--- a/lib/eal/include/rte_trace_point.h
+++ b/lib/eal/include/rte_trace_point.h
@@ -328,7 +328,7 @@ __rte_trace_mem_get(uint64_t in)
 			return NULL;
 	}
 	/* Check the wrap around case */
-	uint32_t offset = trace->offset;
+	uint32_t offset = RTE_ALIGN_CEIL(trace->offset, __RTE_TRACE_EVENT_HEADER_SZ);
 	if (unlikely((offset + sz) >= trace->len)) {
 		/* Disable the trace event if it in DISCARD mode */
 		if (unlikely(in & __RTE_TRACE_FIELD_ENABLE_DISCARD))
@@ -336,8 +336,6 @@ __rte_trace_mem_get(uint64_t in)

 		offset = 0;
 	}
-	/* Align to event header size */
-	offset = RTE_ALIGN_CEIL(offset, __RTE_TRACE_EVENT_HEADER_SZ);
 	void *mem = RTE_PTR_ADD(&trace->mem[0], offset);
 	offset += sz;
 	trace->offset = offset;
--
2.49.0

Previous message (by thread): [PATCH] trace: fix out of bounds write in __rte_trace_mem_get
Next message (by thread): [EXTERNAL] [PATCH v2] trace: fix out of bounds write in __rte_trace_mem_get
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list