d/numam-dpdk
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

net/iavf: fix potential out-of-bounds access

Browse Source 
Fix potential out-of-bounds access as overrunning callee's array of
size 26 by passing argument rxq->rxdid(which evaluates to 63) in call
to iavf_rx_scan_hw_ring_flex_rxd.

Coverity issue: 376616
Fixes: 0ed16e0131 ("net/iavf: fix function pointer in multi-process")
Cc: stable@dpdk.org

Signed-off-by: Leyi Rong <leyi.rong@intel.com>
Reviewed-by: Ferruh Yigit <ferruh.yigit@intel.com>
This commit is contained in:
Leyi Rong 2022-03-08 13:56:17 +08:00 committed by Ferruh Yigit
parent 31c23acc08
commit d78d21b983
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
drivers/net/iavf/iavf_rxtx.c
View File

@ -476,7 +476,7 @@ iavf_rxd_to_pkt_fields_by_comms_aux_v2(struct iavf_rx_queue *rxq,
}
static const
iavf_rxd_to_pkt_fields_t rxd_to_pkt_fields_ops[] = {
iavf_rxd_to_pkt_fields_t rxd_to_pkt_fields_ops[IAVF_RXDID_LAST + 1] = {
[IAVF_RXDID_COMMS_AUX_VLAN] = iavf_rxd_to_pkt_fields_by_comms_aux_v1,
[IAVF_RXDID_COMMS_AUX_IPV4] = iavf_rxd_to_pkt_fields_by_comms_aux_v1,
[IAVF_RXDID_COMMS_AUX_IPV6] = iavf_rxd_to_pkt_fields_by_comms_aux_v1,