diff mbox series

[v2] eal: fix dereference after null check

Message ID	1602751350-2808-1-git-send-email-wangyunjian@huawei.com (mailing list archive)
State	Accepted, archived
Delegated to:	David Marchand
Headers	From: wangyunjian <wangyunjian@huawei.com> To: <dev@dpdk.org> CC: <ferruh.yigit@intel.com>, <david.marchand@redhat.com>, <jerinj@marvell.com>, <hkalra@marvell.com>, <jerry.lilijun@huawei.com>, <xudingke@huawei.com>, Yunjian Wang <wangyunjian@huawei.com>, <stable@dpdk.org> Date: Thu, 15 Oct 2020 16:42:30 +0800 Message-ID: <1602751350-2808-1-git-send-email-wangyunjian@huawei.com> In-Reply-To: <1600511670-27576-1-git-send-email-wangyunjian@huawei.com> References: <1600511670-27576-1-git-send-email-wangyunjian@huawei.com> MIME-Version: 1.0 Content-Type: text/plain Subject: [dpdk-dev] [PATCH v2] eal: fix dereference after null check Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	[v2] eal: fix dereference after null check \| [v2] eal: fix dereference after null check

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK
ci/Intel-compilation	success	Compilation OK
ci/iol-broadcom-Functional	success	Functional Testing PASS
ci/iol-broadcom-Performance	success	Performance Testing PASS
ci/iol-intel-Functional	success	Functional Testing PASS
ci/iol-testing	success	Testing PASS
ci/iol-intel-Performance	success	Performance Testing PASS
ci/travis-robot	success	Travis build: passed
ci/iol-mellanox-Performance	success	Performance Testing PASS

Commit Message

Yunjian Wang Oct. 15, 2020, 8:42 a.m. UTC

  From: Yunjian Wang <wangyunjian@huawei.com>

This patch fixes (dereference after null check) coverity issue.
For this reason, we should add null check at the beginning of the
function and return error directly if the 'intr_handle' is null.

Coverity issue: 357695, 357751
Fixes: 05c4105738d8 ("trace: add interrupt tracepoints")
Cc: stable@dpdk.org

Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
---
v2:
  fix code styles suggested by Ferruh Yigit
---
 lib/librte_eal/freebsd/eal_interrupts.c | 16 ++++++++++------
 lib/librte_eal/linux/eal_interrupts.c   | 16 ++++++++++------
 2 files changed, 20 insertions(+), 12 deletions(-)

Comments

David Marchand Oct. 22, 2020, 8:01 p.m. UTC | #1

On Thu, Oct 15, 2020 at 10:43 AM wangyunjian <wangyunjian@huawei.com> wrote:
>
> From: Yunjian Wang <wangyunjian@huawei.com>
>
> This patch fixes (dereference after null check) coverity issue.
> For this reason, we should add null check at the beginning of the
> function and return error directly if the 'intr_handle' is null.
>
> Coverity issue: 357695, 357751
> Fixes: 05c4105738d8 ("trace: add interrupt tracepoints")
> Cc: stable@dpdk.org
>
> Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>

Review, please.

Harman Kalra Oct. 28, 2020, 9:18 p.m. UTC | #2

On Thu, Oct 15, 2020 at 04:42:30PM +0800, wangyunjian wrote:
> External Email
> 
> ----------------------------------------------------------------------
> From: Yunjian Wang <wangyunjian@huawei.com>
> 
> This patch fixes (dereference after null check) coverity issue.
> For this reason, we should add null check at the beginning of the
> function and return error directly if the 'intr_handle' is null.
> 
> Coverity issue: 357695, 357751
> Fixes: 05c4105738d8 ("trace: add interrupt tracepoints")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>

Thanks for fixing this.

Reviewed-by: Harman Kalra <hkalra@marvell.com>

> ---
> v2:
>   fix code styles suggested by Ferruh Yigit
> ---
>  lib/librte_eal/freebsd/eal_interrupts.c | 16 ++++++++++------
>  lib/librte_eal/linux/eal_interrupts.c   | 16 ++++++++++------
>  2 files changed, 20 insertions(+), 12 deletions(-)
> 
> diff --git a/lib/librte_eal/freebsd/eal_interrupts.c b/lib/librte_eal/freebsd/eal_interrupts.c
> index 6d53d33c8..211fd4f8d 100644
> --- a/lib/librte_eal/freebsd/eal_interrupts.c
> +++ b/lib/librte_eal/freebsd/eal_interrupts.c
> @@ -350,13 +350,15 @@ rte_intr_enable(const struct rte_intr_handle *intr_handle)
>  {
>  	int rc = 0;
>  
> -	if (intr_handle && intr_handle->type == RTE_INTR_HANDLE_VDEV) {
> +	if (intr_handle == NULL)
> +		return -1;
> +
> +	if (intr_handle->type == RTE_INTR_HANDLE_VDEV) {
>  		rc = 0;
>  		goto out;
>  	}
>  
> -	if (!intr_handle || intr_handle->fd < 0 ||
> -				intr_handle->uio_cfg_fd < 0) {
> +	if (intr_handle->fd < 0 || intr_handle->uio_cfg_fd < 0) {
>  		rc = -1;
>  		goto out;
>  	}
> @@ -389,13 +391,15 @@ rte_intr_disable(const struct rte_intr_handle *intr_handle)
>  {
>  	int rc = 0;
>  
> -	if (intr_handle && intr_handle->type == RTE_INTR_HANDLE_VDEV) {
> +	if (intr_handle == NULL)
> +		return -1;
> +
> +	if (intr_handle->type == RTE_INTR_HANDLE_VDEV) {
>  		rc = 0;
>  		goto out;
>  	}
>  
> -	if (!intr_handle || intr_handle->fd < 0 ||
> -				intr_handle->uio_cfg_fd < 0) {
> +	if (intr_handle->fd < 0 || intr_handle->uio_cfg_fd < 0) {
>  		rc = -1;
>  		goto out;
>  	}
> diff --git a/lib/librte_eal/linux/eal_interrupts.c b/lib/librte_eal/linux/eal_interrupts.c
> index 13db5c4e8..f1bd0356c 100644
> --- a/lib/librte_eal/linux/eal_interrupts.c
> +++ b/lib/librte_eal/linux/eal_interrupts.c
> @@ -667,13 +667,15 @@ rte_intr_enable(const struct rte_intr_handle *intr_handle)
>  {
>  	int rc = 0;
>  
> -	if (intr_handle && intr_handle->type == RTE_INTR_HANDLE_VDEV) {
> +	if (intr_handle == NULL)
> +		return -1;
> +
> +	if (intr_handle->type == RTE_INTR_HANDLE_VDEV) {
>  		rc = 0;
>  		goto out;
>  	}
>  
> -	if (!intr_handle || intr_handle->fd < 0 ||
> -			intr_handle->uio_cfg_fd < 0) {
> +	if (intr_handle->fd < 0 || intr_handle->uio_cfg_fd < 0) {
>  		rc = -1;
>  		goto out;
>  	}
> @@ -794,13 +796,15 @@ rte_intr_disable(const struct rte_intr_handle *intr_handle)
>  {
>  	int rc = 0;
>  
> -	if (intr_handle && intr_handle->type == RTE_INTR_HANDLE_VDEV) {
> +	if (intr_handle == NULL)
> +		return -1;
> +
> +	if (intr_handle->type == RTE_INTR_HANDLE_VDEV) {
>  		rc = 0;
>  		goto out;
>  	}
>  
> -	if (!intr_handle || intr_handle->fd < 0 ||
> -					intr_handle->uio_cfg_fd < 0) {
> +	if (intr_handle->fd < 0 || intr_handle->uio_cfg_fd < 0) {
>  		rc = -1;
>  		goto out;
>  	}
> -- 
> 2.23.0
>

David Marchand Oct. 29, 2020, 4:09 p.m. UTC | #3

On Wed, Oct 28, 2020 at 10:19 PM Harman Kalra <hkalra@marvell.com> wrote:
> On Thu, Oct 15, 2020 at 04:42:30PM +0800, wangyunjian wrote:
> > This patch fixes (dereference after null check) coverity issue.
> > For this reason, we should add null check at the beginning of the
> > function and return error directly if the 'intr_handle' is null.
> >
> > Coverity issue: 357695, 357751
> > Fixes: 05c4105738d8 ("trace: add interrupt tracepoints")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Yunjian Wang <wangyunjian@huawei.com>
> Reviewed-by: Harman Kalra <hkalra@marvell.com>

Applied, thanks.

diff mbox series

Patch

diff --git a/lib/librte_eal/freebsd/eal_interrupts.c b/lib/librte_eal/freebsd/eal_interrupts.c
index 6d53d33c8..211fd4f8d 100644
--- a/lib/librte_eal/freebsd/eal_interrupts.c
+++ b/lib/librte_eal/freebsd/eal_interrupts.c
@@ -350,13 +350,15 @@  rte_intr_enable(const struct rte_intr_handle *intr_handle)
 {
 	int rc = 0;
 
-	if (intr_handle && intr_handle->type == RTE_INTR_HANDLE_VDEV) {
+	if (intr_handle == NULL)
+		return -1;
+
+	if (intr_handle->type == RTE_INTR_HANDLE_VDEV) {
 		rc = 0;
 		goto out;
 	}
 
-	if (!intr_handle || intr_handle->fd < 0 ||
-				intr_handle->uio_cfg_fd < 0) {
+	if (intr_handle->fd < 0 || intr_handle->uio_cfg_fd < 0) {
 		rc = -1;
 		goto out;
 	}
@@ -389,13 +391,15 @@  rte_intr_disable(const struct rte_intr_handle *intr_handle)
 {
 	int rc = 0;
 
-	if (intr_handle && intr_handle->type == RTE_INTR_HANDLE_VDEV) {
+	if (intr_handle == NULL)
+		return -1;
+
+	if (intr_handle->type == RTE_INTR_HANDLE_VDEV) {
 		rc = 0;
 		goto out;
 	}
 
-	if (!intr_handle || intr_handle->fd < 0 ||
-				intr_handle->uio_cfg_fd < 0) {
+	if (intr_handle->fd < 0 || intr_handle->uio_cfg_fd < 0) {
 		rc = -1;
 		goto out;
 	}
diff --git a/lib/librte_eal/linux/eal_interrupts.c b/lib/librte_eal/linux/eal_interrupts.c
index 13db5c4e8..f1bd0356c 100644
--- a/lib/librte_eal/linux/eal_interrupts.c
+++ b/lib/librte_eal/linux/eal_interrupts.c
@@ -667,13 +667,15 @@  rte_intr_enable(const struct rte_intr_handle *intr_handle)
 {
 	int rc = 0;
 
-	if (intr_handle && intr_handle->type == RTE_INTR_HANDLE_VDEV) {
+	if (intr_handle == NULL)
+		return -1;
+
+	if (intr_handle->type == RTE_INTR_HANDLE_VDEV) {
 		rc = 0;
 		goto out;
 	}
 
-	if (!intr_handle || intr_handle->fd < 0 ||
-			intr_handle->uio_cfg_fd < 0) {
+	if (intr_handle->fd < 0 || intr_handle->uio_cfg_fd < 0) {
 		rc = -1;
 		goto out;
 	}
@@ -794,13 +796,15 @@  rte_intr_disable(const struct rte_intr_handle *intr_handle)
 {
 	int rc = 0;
 
-	if (intr_handle && intr_handle->type == RTE_INTR_HANDLE_VDEV) {
+	if (intr_handle == NULL)
+		return -1;
+
+	if (intr_handle->type == RTE_INTR_HANDLE_VDEV) {
 		rc = 0;
 		goto out;
 	}
 
-	if (!intr_handle || intr_handle->fd < 0 ||
-					intr_handle->uio_cfg_fd < 0) {
+	if (intr_handle->fd < 0 || intr_handle->uio_cfg_fd < 0) {
 		rc = -1;
 		goto out;
 	}