diff mbox series

[v2] mbuf: Fix illegal pointer access to mempool members

Message ID 20210330195634.83275-1-wenwux.ma@intel.com (mailing list archive)
State Superseded
Headers show
Series [v2] mbuf: Fix illegal pointer access to mempool members | expand

Checks

Context Check Description
ci/intel-Testing success Testing PASS
ci/Intel-compilation success Compilation OK
ci/github-robot success github build: passed
ci/travis-robot success travis build: passed
ci/checkpatch success coding style OK

Commit Message

Wenwu Ma March 30, 2021, 7:56 p.m. UTC
From: wenwu ma <wenwux.ma@intel.com>

Before accessing the private data of mempool in
function rte_pktmbuf_priv_size() and rte_pktmbuf_data_room_size(),
it is necessary to determine whether the private data exists,
otherwise it will cause null pointer access.

Signed-off-by: wenwu ma <wenwux.ma@intel.com>
---
V2:
 - Change the unequal sign in the judgment statement to less than sign

 lib/librte_mbuf/rte_mbuf.h | 6 ++++++
 1 file changed, 6 insertions(+)
diff mbox series

Patch

diff --git a/lib/librte_mbuf/rte_mbuf.h b/lib/librte_mbuf/rte_mbuf.h
index c4c9ebfaa..6c2559550 100644
--- a/lib/librte_mbuf/rte_mbuf.h
+++ b/lib/librte_mbuf/rte_mbuf.h
@@ -811,6 +811,9 @@  rte_pktmbuf_data_room_size(struct rte_mempool *mp)
 {
 	struct rte_pktmbuf_pool_private *mbp_priv;
 
+	if (mp->private_data_size < sizeof(struct rte_pktmbuf_pool_private))
+		return 0;
+
 	mbp_priv = (struct rte_pktmbuf_pool_private *)rte_mempool_get_priv(mp);
 	return mbp_priv->mbuf_data_room_size;
 }
@@ -832,6 +835,9 @@  rte_pktmbuf_priv_size(struct rte_mempool *mp)
 {
 	struct rte_pktmbuf_pool_private *mbp_priv;
 
+	if (mp->private_data_size < sizeof(struct rte_pktmbuf_pool_private))
+		return 0;
+
 	mbp_priv = (struct rte_pktmbuf_pool_private *)rte_mempool_get_priv(mp);
 	return mbp_priv->mbuf_priv_size;
 }