[PATCH] ring: fix overflow in memory size calcuation

Ananyev, Konstantin konstantin.ananyev at intel.com
Wed Dec 15 14:18:55 CET 2021

Previous message (by thread): [PATCH] ring: fix overflow in memory size calcuation
Next message (by thread): [PATCH] mem: exclude used memory from core dump by config
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]


> Parameters count and esize are both unsigned int, and their product can
> legally exceed unsigned int and lead to runtime access violation.
> 
> Fixes: cc4b218790f6 ("ring: support configurable element size")
> Cc: stable at dpdk.org
> 
> Signed-off-by: Zhihong Wang <wangzhihong.wzh at bytedance.com>
> ---
>  lib/ring/rte_ring.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/lib/ring/rte_ring.c b/lib/ring/rte_ring.c
> index f17bd966be..d1b80597af 100644
> --- a/lib/ring/rte_ring.c
> +++ b/lib/ring/rte_ring.c
> @@ -75,7 +75,7 @@ rte_ring_get_memsize_elem(unsigned int esize, unsigned int count)
>  		return -EINVAL;
>  	}
> 
> -	sz = sizeof(struct rte_ring) + count * esize;
> +	sz = sizeof(struct rte_ring) + (ssize_t)count * esize;
>  	sz = RTE_ALIGN(sz, RTE_CACHE_LINE_SIZE);
>  	return sz;
>  }
> --

Acked-by: Konstantin Ananyev <konstantin.ananyev at intel.com>

> 2.11.0

Previous message (by thread): [PATCH] ring: fix overflow in memory size calcuation
Next message (by thread): [PATCH] mem: exclude used memory from core dump by config
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the stable mailing list