[v2,07/11] malloc: check result of rte_fbarray_get
Checks
Commit Message
From: Sinan Kaya <okaya@kernel.org>
In eal_memalloc_is_contig result of call to rte_fbarray_get
is dereferenced here and may be null.
Signed-off-by: Sinan Kaya <okaya@kernel.org>
---
lib/eal/common/eal_common_memalloc.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
Comments
2022-11-21 17:32 (UTC-0500), okaya@kernel.org:
> From: Sinan Kaya <okaya@kernel.org>
>
> In eal_memalloc_is_contig result of call to rte_fbarray_get
> is dereferenced here and may be null.
>
> Signed-off-by: Sinan Kaya <okaya@kernel.org>
> ---
> lib/eal/common/eal_common_memalloc.c | 5 ++++-
> 1 file changed, 4 insertions(+), 1 deletion(-)
>
> diff --git a/lib/eal/common/eal_common_memalloc.c b/lib/eal/common/eal_common_memalloc.c
> index ab04479c1c..24506f8447 100644
> --- a/lib/eal/common/eal_common_memalloc.c
> +++ b/lib/eal/common/eal_common_memalloc.c
> @@ -126,6 +126,9 @@ eal_memalloc_is_contig(const struct rte_memseg_list *msl, void *start,
>
> /* skip first iteration */
> ms = rte_fbarray_get(&msl->memseg_arr, start_seg);
> + if (ms == NULL)
> + return false;
> +
> cur = ms->iova;
> expected = cur + pgsz;
>
> @@ -137,7 +140,7 @@ eal_memalloc_is_contig(const struct rte_memseg_list *msl, void *start,
> cur_seg++, expected += pgsz) {
> ms = rte_fbarray_get(&msl->memseg_arr, cur_seg);
>
> - if (ms->iova != expected)
> + if ((ms != NULL) && (ms->iova != expected))
> return false;
> }
> }
Invariant: "msl->memseg_arr" elements for existing memsegs are used.
RTE_ASSERT(rte_fbarray_is_used(&msl->memseg_arr, ...)) would be sufficient.
@@ -126,6 +126,9 @@ eal_memalloc_is_contig(const struct rte_memseg_list *msl, void *start,
/* skip first iteration */
ms = rte_fbarray_get(&msl->memseg_arr, start_seg);
+ if (ms == NULL)
+ return false;
+
cur = ms->iova;
expected = cur + pgsz;
@@ -137,7 +140,7 @@ eal_memalloc_is_contig(const struct rte_memseg_list *msl, void *start,
cur_seg++, expected += pgsz) {
ms = rte_fbarray_get(&msl->memseg_arr, cur_seg);
- if (ms->iova != expected)
+ if ((ms != NULL) && (ms->iova != expected))
return false;
}
}