From: Pablo de Lara Date: Mon, 31 Jul 2017 04:40:37 +0000 (+0100) Subject: examples/l2fwd-crypto: fix possible out-of-bounds X-Git-Tag: spdx-start~2273 X-Git-Url: http://git.droids-corp.org/?a=commitdiff_plain;h=8dbc9bbfe3d08d563abe7a65af7262af67214cf6;p=dpdk.git examples/l2fwd-crypto: fix possible out-of-bounds rte_cryptodev_socket_id() returns the socket id of a crypto device, unless the device id is not valid, in which case, it returns -1. This should not happen, as the device id is controlled by the application, but just for safety, a check is added. Coverity issue: 158628, 158638, 158656, 158662 Fixes: b3bbd9e5f265 ("cryptodev: support device independent sessions") Signed-off-by: Pablo de Lara --- diff --git a/examples/l2fwd-crypto/main.c b/examples/l2fwd-crypto/main.c index 83446f3869..f020be32d8 100644 --- a/examples/l2fwd-crypto/main.c +++ b/examples/l2fwd-crypto/main.c @@ -662,7 +662,12 @@ initialize_crypto_session(struct l2fwd_crypto_options *options, uint8_t cdev_id) { struct rte_crypto_sym_xform *first_xform; struct rte_cryptodev_sym_session *session; - uint8_t socket_id = rte_cryptodev_socket_id(cdev_id); + int retval = rte_cryptodev_socket_id(cdev_id); + + if (retval < 0) + return NULL; + + uint8_t socket_id = (uint8_t) retval; struct rte_mempool *sess_mp = session_pool_socket[socket_id]; if (options->xform_chain == L2FWD_CRYPTO_AEAD) { @@ -1996,7 +2001,14 @@ initialize_cryptodevs(struct l2fwd_crypto_options *options, unsigned nb_ports, cdev_id++) { struct rte_cryptodev_qp_conf qp_conf; struct rte_cryptodev_info dev_info; - uint8_t socket_id = rte_cryptodev_socket_id(cdev_id); + retval = rte_cryptodev_socket_id(cdev_id); + + if (retval < 0) { + printf("Invalid crypto device id used\n"); + return -1; + } + + uint8_t socket_id = (uint8_t) retval; struct rte_cryptodev_config conf = { .nb_queue_pairs = 1,