From patchwork Tue Mar 30 14:07:02 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Ma, WenwuX" X-Patchwork-Id: 90041 X-Patchwork-Delegate: david.marchand@redhat.com Return-Path: X-Original-To: patchwork@inbox.dpdk.org Delivered-To: patchwork@inbox.dpdk.org Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 863C4A034F; Tue, 30 Mar 2021 04:13:23 +0200 (CEST) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id 6C1B3140F25; Tue, 30 Mar 2021 04:13:23 +0200 (CEST) Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mails.dpdk.org (Postfix) with ESMTP id 68FEF406B4 for ; Tue, 30 Mar 2021 04:13:22 +0200 (CEST) IronPort-SDR: scgwQJF1Gz0g6w45ycG63rGMM9TxRx/9VWicNCYa1prawcfSWNVwgBnSu/+2j1hUybJX7vVZlo lUBpMglXFKew== X-IronPort-AV: E=McAfee;i="6000,8403,9938"; a="191765864" X-IronPort-AV: E=Sophos;i="5.81,289,1610438400"; d="scan'208";a="191765864" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Mar 2021 19:13:21 -0700 IronPort-SDR: DVj1X64SXOZ14w8/DBMDVmYASnSqxKYNOE+ssgICz+HvzN70Sb+BwxdkSx5lZ/WhTrs95u61wq FDKopl106G8A== X-IronPort-AV: E=Sophos;i="5.81,289,1610438400"; d="scan'208";a="417943362" Received: from unknown (HELO localhost.localdomain) ([10.240.183.109]) by orsmga008-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Mar 2021 19:13:18 -0700 From: wenwux.ma@intel.com To: olivier.matz@6wind.com Cc: dev@dpdk.org, wenwu ma Date: Tue, 30 Mar 2021 14:07:02 +0000 Message-Id: <20210330140702.49202-1-wenwux.ma@intel.com> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 Subject: [dpdk-dev] [PATCH] mbuf: Fix illegal pointer access to mempool members X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" From: wenwu ma Before accessing the private data of mempool in function rte_pktmbuf_priv_size() and rte_pktmbuf_data_room_size(), it is necessary to determine whether the private data exists, otherwise it will cause null pointer access. Signed-off-by: wenwu ma --- lib/librte_mbuf/rte_mbuf.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/lib/librte_mbuf/rte_mbuf.h b/lib/librte_mbuf/rte_mbuf.h index c4c9ebfaa..9cca9a7d4 100644 --- a/lib/librte_mbuf/rte_mbuf.h +++ b/lib/librte_mbuf/rte_mbuf.h @@ -811,6 +811,9 @@ rte_pktmbuf_data_room_size(struct rte_mempool *mp) { struct rte_pktmbuf_pool_private *mbp_priv; + if (mp->private_data_size != sizeof(struct rte_pktmbuf_pool_private)) + return 0; + mbp_priv = (struct rte_pktmbuf_pool_private *)rte_mempool_get_priv(mp); return mbp_priv->mbuf_data_room_size; } @@ -832,6 +835,9 @@ rte_pktmbuf_priv_size(struct rte_mempool *mp) { struct rte_pktmbuf_pool_private *mbp_priv; + if (mp->private_data_size != sizeof(struct rte_pktmbuf_pool_private)) + return 0; + mbp_priv = (struct rte_pktmbuf_pool_private *)rte_mempool_get_priv(mp); return mbp_priv->mbuf_priv_size; }