diff mbox series

security: fix segfault when destroy NULL session

Message ID	1530785082-4742-1-git-send-email-radu.nicolau@intel.com (mailing list archive)
State	Accepted, archived
Delegated to:	Pablo de Lara Guarch
Headers	From: Radu Nicolau <radu.nicolau@intel.com> To: dev@dpdk.org Cc: akhil.goyal@nxp.com, borisp@mellanox.com, declan.doherty@intel.com, Radu Nicolau <radu.nicolau@intel.com>, stable@dpdk.org Date: Thu, 5 Jul 2018 11:04:42 +0100 Message-Id: <1530785082-4742-1-git-send-email-radu.nicolau@intel.com> Subject: [dpdk-dev] [PATCH] security: fix segfault when destroy NULL session Precedence: list Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org>
Series	security: fix segfault when destroy NULL session \| security: fix segfault when destroy NULL session

Checks

Context	Check	Description
ci/checkpatch	success	coding style OK

Commit Message

Radu Nicolau July 5, 2018, 10:04 a.m. UTC

  rte_security_session_destroy should return -EINVAL is session is NULL,
but segfaults because of rte_mempool_from_obj(NULL) call.

Fixes: c261d1431bd8 ("security: introduce security API and framework")
Cc: stable@dpdk.org

Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
---
 lib/librte_security/rte_security.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

Comments

Akhil Goyal July 5, 2018, 10:51 a.m. UTC | #1

On 7/5/2018 3:34 PM, Radu Nicolau wrote:

> rte_security_session_destroy should return -EINVAL is session is NULL,
> but segfaults because of rte_mempool_from_obj(NULL) call.
>
> Fixes: c261d1431bd8 ("security: introduce security API and framework")
> Cc: stable@dpdk.org
>
> Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
> ---

Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

De Lara Guarch, Pablo July 5, 2018, 4:14 p.m. UTC | #2

> -----Original Message-----
> From: stable [mailto:stable-bounces@dpdk.org] On Behalf Of Akhil Goyal
> Sent: Thursday, July 5, 2018 11:52 AM
> To: Nicolau, Radu <radu.nicolau@intel.com>; dev@dpdk.org
> Cc: borisp@mellanox.com; Doherty, Declan <declan.doherty@intel.com>;
> stable@dpdk.org
> Subject: Re: [dpdk-stable] [dpdk-dev] [PATCH] security: fix segfault when
> destroy NULL session
> 
> 
> On 7/5/2018 3:34 PM, Radu Nicolau wrote:
> 
> > rte_security_session_destroy should return -EINVAL is session is NULL,
> > but segfaults because of rte_mempool_from_obj(NULL) call.
> >
> > Fixes: c261d1431bd8 ("security: introduce security API and framework")
> > Cc: stable@dpdk.org
> >
> > Signed-off-by: Radu Nicolau <radu.nicolau@intel.com>
> > ---
> 
> Acked-by: Akhil Goyal <akhil.goyal@nxp.com>

Applied to dpdk-next-crypto.
Thanks,

Pablo

diff mbox series

Patch

diff --git a/lib/librte_security/rte_security.c b/lib/librte_security/rte_security.c
index 1e559c9..f862e94 100644
--- a/lib/librte_security/rte_security.c
+++ b/lib/librte_security/rte_security.c
@@ -91,7 +91,6 @@  rte_security_session_destroy(struct rte_security_ctx *instance,
 			     struct rte_security_session *sess)
 {
 	int ret;
-	struct rte_mempool *mp = rte_mempool_from_obj(sess);
 
 	RTE_FUNC_PTR_OR_ERR_RET(*instance->ops->session_destroy, -ENOTSUP);
 
@@ -100,7 +99,7 @@  rte_security_session_destroy(struct rte_security_ctx *instance,
 
 	ret = instance->ops->session_destroy(instance->device, sess);
 	if (!ret)
-		rte_mempool_put(mp, (void *)sess);
+		rte_mempool_put(rte_mempool_from_obj(sess), (void *)sess);
 
 	return ret;
 }