From 66888a37ffc64169aad469be1800316d5409784b Mon Sep 17 00:00:00 2001 From: Piotr Azarewicz Date: Mon, 23 May 2016 14:19:56 +0200 Subject: [PATCH] examples/quota_watermark: fix memory overflow qw app at its init stage reserve 2*sizeof(int) memory space for quota and low_watermark shared variables, but both apps (qw and qwctl) assign wrong address for low_watermark pointer (out of reserved memzone space) due to wrong pointer arithmetic. CID 30709 : Extra sizeof expression (SIZEOF_MISMATCH) suspicious_pointer_arithmetic: Adding 4UL /* sizeof (int) */ to pointer (unsigned int *)(*qw_memzone).addr of type unsigned int * is suspicious because adding an integral value to this pointer automatically scales that value by the size, 4 bytes, of the pointed-to type, unsigned int. Most likely, sizeof (int) is extraneous and should be replaced with 1. Coverity issue: 30709 Fixes: 1d6c3ee3321a ("examples/quota_watermark: initial import") Signed-off-by: Piotr Azarewicz --- examples/quota_watermark/qw/init.c | 2 +- examples/quota_watermark/qwctl/qwctl.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/examples/quota_watermark/qw/init.c b/examples/quota_watermark/qw/init.c index afc13665f4..c208721831 100644 --- a/examples/quota_watermark/qw/init.c +++ b/examples/quota_watermark/qw/init.c @@ -170,5 +170,5 @@ setup_shared_variables(void) rte_exit(EXIT_FAILURE, "%s\n", rte_strerror(rte_errno)); quota = qw_memzone->addr; - low_watermark = (unsigned int *) qw_memzone->addr + sizeof(int); + low_watermark = (unsigned int *) qw_memzone->addr + 1; } diff --git a/examples/quota_watermark/qwctl/qwctl.c b/examples/quota_watermark/qwctl/qwctl.c index eb2f618a02..4961089b8a 100644 --- a/examples/quota_watermark/qwctl/qwctl.c +++ b/examples/quota_watermark/qwctl/qwctl.c @@ -68,7 +68,7 @@ setup_shared_variables(void) rte_exit(EXIT_FAILURE, "Couldn't find memzone\n"); quota = qw_memzone->addr; - low_watermark = (unsigned int *) qw_memzone->addr + sizeof(int); + low_watermark = (unsigned int *) qw_memzone->addr + 1; } int main(int argc, char **argv) -- 2.20.1