net/ice: fix illegal pointer access in dev init
Checks
Commit Message
mac_addrs in dev data should be allocated more memory space,
Otherwise, traversing mac_addrs in function eth_dev_mac_restore()
will result heap-buffer-overflow.
Signed-off-by: Wenwu Ma <wenwux.ma@intel.com>
---
drivers/net/ice/ice_ethdev.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
Comments
On Thu, 1 Apr 2021 13:24:53 +0000
Wenwu Ma <wenwux.ma@intel.com> wrote:
> + dev->data->mac_addrs = rte_zmalloc(NULL,
> + sizeof(struct rte_ether_addr) * ICE_NUM_MACADDR_MAX, 0);
This looks like a good place to use rte_calloc().
@@ -808,8 +808,8 @@ ice_init_mac_address(struct rte_eth_dev *dev)
(struct rte_ether_addr *)hw->port_info[0].mac.lan_addr,
(struct rte_ether_addr *)hw->port_info[0].mac.perm_addr);
- dev->data->mac_addrs =
- rte_zmalloc(NULL, sizeof(struct rte_ether_addr), 0);
+ dev->data->mac_addrs = rte_zmalloc(NULL,
+ sizeof(struct rte_ether_addr) * ICE_NUM_MACADDR_MAX, 0);
if (!dev->data->mac_addrs) {
PMD_INIT_LOG(ERR,
"Failed to allocate memory to store mac address");