malloc: fix realloc copy size

In rte_realloc, if the old element has pad and need to allocate a new
memory, the padding size was not deducted, so more data was copied to
new data area.

Fixes: af75078fece3 ("first public release")
Cc: stable@dpdk.org
Signed-off-by: Xueming Li <xuemingl@mellanox.com>
Reviewed-by: Anatoly Burakov <anatoly.burakov@intel.com>

diff --git a/lib/librte_eal/common/rte_malloc.c b/lib/librte_eal/common/rte_malloc.c
index 413e4aa..d6026a2 100644 (file)
--- a/lib/librte_eal/common/rte_malloc.c
+++ b/lib/librte_eal/common/rte_malloc.c
@@ -150,7 +150,8 @@ rte_realloc_socket(void *ptr, size_t size, unsigned int align, int socket)
        void *new_ptr = rte_malloc_socket(NULL, size, align, socket);
        if (new_ptr == NULL)
                return NULL;
-       const unsigned old_size = elem->size - MALLOC_ELEM_OVERHEAD;
+       /* elem: |pad|data_elem|data|trailer| */
+       const size_t old_size = elem->size - elem->pad - MALLOC_ELEM_OVERHEAD;
        rte_memcpy(new_ptr, ptr, old_size < size ? old_size : size);
        rte_free(ptr);