diff mbox series

net/ice: fix illegal pointer access in dev init

Message ID 20210401132453.17786-1-wenwux.ma@intel.com (mailing list archive)
State Superseded
Headers show
Series net/ice: fix illegal pointer access in dev init | expand

Checks

Context Check Description
ci/iol-testing success Testing PASS
ci/iol-mellanox-Performance success Performance Testing PASS
ci/iol-abi-testing success Testing PASS
ci/intel-Testing success Testing PASS
ci/github-robot success github build: passed
ci/Intel-compilation success Compilation OK
ci/travis-robot success travis build: passed
ci/checkpatch success coding style OK

Commit Message

Wenwu Ma April 1, 2021, 1:24 p.m. UTC
mac_addrs in dev data should be allocated more memory space,
Otherwise, traversing mac_addrs in function eth_dev_mac_restore()
will result heap-buffer-overflow.

Signed-off-by: Wenwu Ma <wenwux.ma@intel.com>
---
 drivers/net/ice/ice_ethdev.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Comments

Stephen Hemminger April 1, 2021, 2:37 a.m. UTC | #1
On Thu,  1 Apr 2021 13:24:53 +0000
Wenwu Ma <wenwux.ma@intel.com> wrote:

> +	dev->data->mac_addrs = rte_zmalloc(NULL,
> +		sizeof(struct rte_ether_addr) * ICE_NUM_MACADDR_MAX, 0);

This looks like a good place to use rte_calloc().
diff mbox series

Patch

diff --git a/drivers/net/ice/ice_ethdev.c b/drivers/net/ice/ice_ethdev.c
index 9c9b84a93..115fa712e 100644
--- a/drivers/net/ice/ice_ethdev.c
+++ b/drivers/net/ice/ice_ethdev.c
@@ -808,8 +808,8 @@  ice_init_mac_address(struct rte_eth_dev *dev)
 		(struct rte_ether_addr *)hw->port_info[0].mac.lan_addr,
 		(struct rte_ether_addr *)hw->port_info[0].mac.perm_addr);
 
-	dev->data->mac_addrs =
-		rte_zmalloc(NULL, sizeof(struct rte_ether_addr), 0);
+	dev->data->mac_addrs = rte_zmalloc(NULL,
+		sizeof(struct rte_ether_addr) * ICE_NUM_MACADDR_MAX, 0);
 	if (!dev->data->mac_addrs) {
 		PMD_INIT_LOG(ERR,
 			     "Failed to allocate memory to store mac address");