vhost: fix null pointer checking

Null value for parameters will cause segfault.

Fixes: d7280c9fffcb ("vhost: support selective datapath")
Fixes: 72e8543093df ("vhost: add API to get MTU value")
Fixes: a277c7159876 ("vhost: refactor code structure")
Fixes: ca33faf9ef10 ("vhost: introduce API to fetch negotiated features")
Fixes: eb32247457fe ("vhost: export guest memory regions")
Fixes: 40ef286f236a ("vhost: export vhost vring info")
Fixes: bd2e0c3fe5ac ("vhost: add APIs for live migration")
Fixes: 0b8572a0c101 ("vhost: add external message handling to the API")
Fixes: b4953225cea4 ("vhost: add APIs for datapath configuration")
Fixes: 5fbb3941da9f ("vhost: introduce driver features related APIs")
Fixes: 292959c71961 ("vhost: cleanup unix socket")
Cc: stable@dpdk.org
Signed-off-by: Mohammad Abdul Awal <mohammad.abdul.awal@intel.com>
Reviewed-by: Tiwei Bie <tiwei.bie@intel.com>

diff --git a/lib/librte_vhost/socket.c b/lib/librte_vhost/socket.c
index f0fdb83..c7a77a5 100644 (file)
--- a/lib/librte_vhost/socket.c
+++ b/lib/librte_vhost/socket.c
@@ -549,6 +549,9 @@ find_vhost_user_socket(const char *path)
 {
        int i;
 
+       if (path == NULL)
+               return NULL;
+
        for (i = 0; i < vhost_user.vsocket_cnt; i++) {
                struct vhost_user_socket *vsocket = vhost_user.vsockets[i];
 
@@ -564,7 +567,7 @@ rte_vhost_driver_attach_vdpa_device(const char *path, int did)
 {
        struct vhost_user_socket *vsocket;
 
-       if (rte_vdpa_get_device(did) == NULL)
+       if (rte_vdpa_get_device(did) == NULL || path == NULL)
                return -1;
 
        pthread_mutex_lock(&vhost_user.mutex);
@@ -977,6 +980,9 @@ rte_vhost_driver_unregister(const char *path)
        int count;
        struct vhost_user_connection *conn, *next;
 
+       if (path == NULL)
+               return -1;
+
 again:
        pthread_mutex_lock(&vhost_user.mutex);
 

diff --git a/lib/librte_vhost/vdpa.c b/lib/librte_vhost/vdpa.c
index 321e11f..e915488 100644 (file)
--- a/lib/librte_vhost/vdpa.c
+++ b/lib/librte_vhost/vdpa.c
@@ -49,7 +49,7 @@ rte_vdpa_register_device(struct rte_vdpa_dev_addr *addr,
        char device_name[MAX_VDPA_NAME_LEN];
        int i;
 
-       if (vdpa_device_num >= MAX_VHOST_DEVICE)
+       if (vdpa_device_num >= MAX_VHOST_DEVICE || addr == NULL || ops == NULL)
                return -1;
 
        for (i = 0; i < MAX_VHOST_DEVICE; i++) {
@@ -99,6 +99,9 @@ rte_vdpa_find_device_id(struct rte_vdpa_dev_addr *addr)
        struct rte_vdpa_device *dev;
        int i;
 
+       if (addr == NULL)
+               return -1;
+
        for (i = 0; i < MAX_VHOST_DEVICE; ++i) {
                dev = vdpa_devices[i];
                if (dev && is_same_vdpa_device(&dev->addr, addr))

diff --git a/lib/librte_vhost/vhost.c b/lib/librte_vhost/vhost.c
index e480aea..163f459 100644 (file)
--- a/lib/librte_vhost/vhost.c
+++ b/lib/librte_vhost/vhost.c
@@ -447,7 +447,7 @@ rte_vhost_get_mtu(int vid, uint16_t *mtu)
 {
        struct virtio_net *dev = get_device(vid);
 
-       if (!dev)
+       if (dev == NULL || mtu == NULL)
                return -ENODEV;
 
        if (!(dev->flags & VIRTIO_DEV_READY))
@@ -515,7 +515,7 @@ rte_vhost_get_ifname(int vid, char *buf, size_t len)
 {
        struct virtio_net *dev = get_device(vid);
 
-       if (dev == NULL)
+       if (dev == NULL || buf == NULL)
                return -1;
 
        len = RTE_MIN(len, sizeof(dev->ifname));
@@ -532,7 +532,7 @@ rte_vhost_get_negotiated_features(int vid, uint64_t *features)
        struct virtio_net *dev;
 
        dev = get_device(vid);
-       if (!dev)
+       if (dev == NULL || features == NULL)
                return -1;
 
        *features = dev->features;
@@ -547,7 +547,7 @@ rte_vhost_get_mem_table(int vid, struct rte_vhost_memory **mem)
        size_t size;
 
        dev = get_device(vid);
-       if (!dev)
+       if (dev == NULL || mem == NULL)
                return -1;
 
        size = dev->mem->nregions * sizeof(struct rte_vhost_mem_region);
@@ -570,7 +570,7 @@ rte_vhost_get_vhost_vring(int vid, uint16_t vring_idx,
        struct vhost_virtqueue *vq;
 
        dev = get_device(vid);
-       if (!dev)
+       if (dev == NULL || vring == NULL)
                return -1;
 
        if (vring_idx >= VHOST_MAX_VRING)
@@ -763,7 +763,7 @@ int rte_vhost_get_log_base(int vid, uint64_t *log_base,
 {
        struct virtio_net *dev = get_device(vid);
 
-       if (!dev)
+       if (dev == NULL || log_base == NULL || log_size == NULL)
                return -1;
 
        *log_base = dev->log_base;
@@ -777,7 +777,7 @@ int rte_vhost_get_vring_base(int vid, uint16_t queue_id,
 {
        struct virtio_net *dev = get_device(vid);
 
-       if (!dev)
+       if (dev == NULL || last_avail_idx == NULL || last_used_idx == NULL)
                return -1;
 
        *last_avail_idx = dev->virtqueue[queue_id]->last_avail_idx;
@@ -805,7 +805,7 @@ int rte_vhost_extern_callback_register(int vid,
 {
        struct virtio_net *dev = get_device(vid);
 
-       if (!dev)
+       if (dev == NULL || ops == NULL)
                return -1;
 
        dev->extern_ops = *ops;