malloc: fix potential null pointer dereference
Checks
Commit Message
We need to do the NULL pointer check first after malloc().
Fixes: 07dcbfe0101f ("malloc: support multiprocess memory hotplug")
Cc: stable@dpdk.org
Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
---
lib/librte_eal/common/malloc_heap.c | 4 +---
lib/librte_eal/common/malloc_mp.c | 4 +---
2 files changed, 2 insertions(+), 6 deletions(-)
Comments
On 15-Aug-18 8:20 AM, Tiwei Bie wrote:
> We need to do the NULL pointer check first after malloc().
>
> Fixes: 07dcbfe0101f ("malloc: support multiprocess memory hotplug")
> Cc: stable@dpdk.org
>
> Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
> ---
Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>
15/08/2018 10:56, Burakov, Anatoly:
> On 15-Aug-18 8:20 AM, Tiwei Bie wrote:
> > We need to do the NULL pointer check first after malloc().
> >
> > Fixes: 07dcbfe0101f ("malloc: support multiprocess memory hotplug")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Tiwei Bie <tiwei.bie@intel.com>
>
> Acked-by: Anatoly Burakov <anatoly.burakov@intel.com>
Applied, thanks
@@ -326,11 +326,9 @@ try_expand_heap_primary(struct malloc_heap *heap, uint64_t pg_sz,
/* we can't know in advance how many pages we'll need, so we malloc */
ms = malloc(sizeof(*ms) * n_segs);
-
- memset(ms, 0, sizeof(*ms) * n_segs);
-
if (ms == NULL)
return -1;
+ memset(ms, 0, sizeof(*ms) * n_segs);
elem = alloc_pages_on_heap(heap, pg_sz, elt_size, socket, flags, align,
bound, contig, ms, n_segs);
@@ -194,13 +194,11 @@ handle_alloc_request(const struct malloc_mp_req *m,
/* we can't know in advance how many pages we'll need, so we malloc */
ms = malloc(sizeof(*ms) * n_segs);
-
- memset(ms, 0, sizeof(*ms) * n_segs);
-
if (ms == NULL) {
RTE_LOG(ERR, EAL, "Couldn't allocate memory for request state\n");
goto fail;
}
+ memset(ms, 0, sizeof(*ms) * n_segs);
elem = alloc_pages_on_heap(heap, ar->page_sz, ar->elt_size, ar->socket,
ar->flags, ar->align, ar->bound, ar->contig, ms,