[dpdk-dev] New Coverity defects in VFIO

Stephen Hemminger stephen at networkplumber.org
Thu May 11 18:38:39 CEST 2017

Previous message: [dpdk-dev] [PATCH] vhost: check malloc return value when allocating guest pages
Next message: [dpdk-dev] New Coverity defects in VFIO
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Looks like obvious C array bounds issues...

Begin forwarded message:

Date: Thu, 11 May 2017 06:32:38 -0700
From: scan-admin at coverity.com
To: stephen at networkplumber.org
Subject: New Defects reported by Coverity Scan for DPDK Data Plane Development Kit


Hi,

Please find the latest report on new defect(s) introduced to DPDK Data Plane Development Kit found with Coverity Scan.

4 new defect(s) introduced to DPDK Data Plane Development Kit found with Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 144558:  Parse warnings  (PARSE_ERROR)
/tmp/auto-config-h.sh.116891.c: 3 in ()


________________________________________________________________________________________________________
*** CID 144558:  Parse warnings  (PARSE_ERROR)
/tmp/auto-config-h.sh.116891.c: 3 in ()
1     #include <linux/pkt_cls.h>
2     
>>>     CID 144558:  Parse warnings  (PARSE_ERROR)
>>>     identifier "TCA_FLOWER_KEY_VLAN_PRIO" is undefined  

** CID 144557:  Memory - corruptions  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 207 in vfio_group_device_put()


________________________________________________________________________________________________________
*** CID 144557:  Memory - corruptions  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 207 in vfio_group_device_put()
201     	int i;
202     
203     	i = get_vfio_group_idx(vfio_group_fd);
204     	if (i < 0 || i > VFIO_MAX_GROUPS)
205     		RTE_LOG(ERR, EAL, "  wrong vfio_group index (%d)\n", i);
206     	else
>>>     CID 144557:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements at element index 64 (byte offset 768) using index "i" (which evaluates to 64).  
207     		vfio_cfg.vfio_groups[i].devices--;
208     }
209     
210     static int
211     vfio_group_device_count(int vfio_group_fd)
212     {

** CID 144556:  Memory - illegal accesses  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 221 in vfio_group_device_count()


________________________________________________________________________________________________________
*** CID 144556:  Memory - illegal accesses  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 221 in vfio_group_device_count()
215     	i = get_vfio_group_idx(vfio_group_fd);
216     	if (i < 0 || i > VFIO_MAX_GROUPS) {
217     		RTE_LOG(ERR, EAL, "  wrong vfio_group index (%d)\n", i);
218     		return -1;
219     	}
220     
>>>     CID 144556:  Memory - illegal accesses  (OVERRUN)
>>>     Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements at element index 64 (byte offset 768) using index "i" (which evaluates to 64).  
221     	return vfio_cfg.vfio_groups[i].devices;
222     }
223     
224     int
225     clear_group(int vfio_group_fd)
226     {

** CID 144555:  Memory - corruptions  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 195 in vfio_group_device_get()


________________________________________________________________________________________________________
*** CID 144555:  Memory - corruptions  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 195 in vfio_group_device_get()
189     	int i;
190     
191     	i = get_vfio_group_idx(vfio_group_fd);
192     	if (i < 0 || i > VFIO_MAX_GROUPS)
193     		RTE_LOG(ERR, EAL, "  wrong vfio_group index (%d)\n", i);
194     	else
>>>     CID 144555:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements at element index 64 (byte offset 768) using index "i" (which evaluates to 64).  
195     		vfio_cfg.vfio_groups[i].devices++;
196     }
197     
198     static void
199     vfio_group_device_put(int vfio_group_fd)
200     {


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRatAu7kfwx-2FEYQLnaewVIzHeicA-2BXVfT6hZ5-2BlQUbOEuO498PDBpm2du3zbqLAIkSYNH-2F4pgPd0yf8CgX5U0jRj_5xu02FVv-2BCbxTLHpBsC0RXI5u3ZIuvswXolnGx3HI6n1gq9Xsuj8K50wQIlWov7yyQRBN8re6yFBwOsnahFZyjQW3aqTA5h9rz-2BI7CfexKV5NFlSm1lW-2Fiif3a6-2Fu7-2Fs613T3n94FacSVILpwmgH4KcYzHtMPdTwJy1kCK02zCViEtNsq-2FCKPHCFx1r4p5UV6Psx61JLzOXw56M2GSEUOPo8sP2PR2MWjeCdy5rfIyU-3D

To manage Coverity Scan email notifications for "stephen at networkplumber.org", click https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4sKfrkUL5oDv8dgJj5BU3IfRYzaFCVGnOstQOuK3KKCEYrqlxJ2-2FPVogkBzkcq1Dg-2FyXbbLWT-2BUFivnCf-2Ffy5pynld3GGM7zvzbDuODpBlYA-3D_5xu02FVv-2BCbxTLHpBsC0RXI5u3ZIuvswXolnGx3HI6n1gq9Xsuj8K50wQIlWov7yyQRBN8re6yFBwOsnahFZygYSNuU7rrSKQtPVcIi21MDpz6KZwG8nS4KmgXtet9991WL1lHRPs9GRo4zwJ-2Bnb-2FTnQYqob6zFOkhFpJ-2FjhXOQt2JMEhg-2FflJvekTxexy1BKKt-2FaadTS9JcUmvbkxxm73IxfO8iGv39u0aDGpPB0r8-3D

Previous message: [dpdk-dev] [PATCH] vhost: check malloc return value when allocating guest pages
Next message: [dpdk-dev] New Coverity defects in VFIO
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list