[1/2] malloc: fix realloc wrong copy size

Message ID 1573570228-15676-1-git-send-email-xuemingl@mellanox.com (mailing list archive)
State Accepted, archived
Delegated to: David Marchand

Checks

Context                       Check    Description
ci/checkpatch                 success  coding style OK
ci/iol-intel-Performance      fail     Performance Testing issues
ci/iol-compilation            success  Compile Testing PASS
ci/iol-mellanox-Performance   success  Performance Testing PASS
ci/Intel-compilation          success  Compilation OK

Commit Message

Xueming Li Nov. 12, 2019, 2:50 p.m. UTC
In rte_realloc, if the old element has a pad and needs to allocate new
memory, the padding size was not deducted, so more data was copied to
the new data area.

Fixes: af75078fece3 ("first public release")
Cc: stable@dpdk.org

Signed-off-by: Xueming Li <xuemingl@mellanox.com>
---
 lib/librte_eal/common/rte_malloc.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
  

Comments

Anatoly Burakov Nov. 14, 2019, 3:11 p.m. UTC | #1
On 12-Nov-19 2:50 PM, Xueming Li wrote:
> In rte_realloc, if the old element has a pad and needs to allocate new
> memory, the padding size was not deducted, so more data was copied to
> the new data area.
> 
> Fixes: af75078fece3 ("first public release")
> Cc: stable@dpdk.org
> 
> Signed-off-by: Xueming Li <xuemingl@mellanox.com>
> ---

Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>
  

Patch

diff --git a/lib/librte_eal/common/rte_malloc.c b/lib/librte_eal/common/rte_malloc.c
index 413e4aa004..d6026a2b17 100644
--- a/lib/librte_eal/common/rte_malloc.c
+++ b/lib/librte_eal/common/rte_malloc.c
@@ -150,7 +150,8 @@  rte_realloc_socket(void *ptr, size_t size, unsigned int align, int socket)
 	void *new_ptr = rte_malloc_socket(NULL, size, align, socket);
 	if (new_ptr == NULL)
 		return NULL;
-	const unsigned old_size = elem->size - MALLOC_ELEM_OVERHEAD;
+	/* elem: |pad|data_elem|data|trailer| */
+	const size_t old_size = elem->size - elem->pad - MALLOC_ELEM_OVERHEAD;
 	rte_memcpy(new_ptr, ptr, old_size < size ? old_size : size);
 	rte_free(ptr);
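
Review bot: On the new `old_size` line, the switch from `const unsigned` to `const size_t` is a second change that the commit message does not mention. It deserves a sentence there, since `size` is a `size_t` in the function signature and the `old_size < size` comparison in the `rte_memcpy` call now compares two values of the same type instead of holding the old size in an `unsigned`. The added layout comment would be easier to verify against if it said which part `ptr` points at and which parts `MALLOC_ELEM_OVERHEAD` covers, so a reader can check the subtraction without opening the element definition. Because the copy length is the smaller of `old_size` and `size`, the destination buffer is bounded by `size` in both versions; going by the layout comment, the old expression instead let the copy read up to `elem->pad` bytes beyond the old data area when the allocation grows. Stating that impact in the commit message would help stable maintainers judge the backport, and a regression test that reallocs an aligned (padded) allocation to a larger size would pin the behaviour down.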