Parameters count and esize are both unsigned int, and their product can legally exceed unsigned int and lead to a runtime access violation.
Fixes: cc4b218790f6 ("ring: support configurable element size") Cc: sta...@dpdk.org Signed-off-by: Zhihong Wang <wangzhihong....@bytedance.com> --- lib/ring/rte_ring.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/ring/rte_ring.c b/lib/ring/rte_ring.c index f17bd966be..d1b80597af 100644 --- a/lib/ring/rte_ring.c +++ b/lib/ring/rte_ring.c @@ -75,7 +75,7 @@ rte_ring_get_memsize_elem(unsigned int esize, unsigned int count) return -EINVAL; } - sz = sizeof(struct rte_ring) + count * esize; + sz = sizeof(struct rte_ring) + (ssize_t)count * esize; sz = RTE_ALIGN(sz, RTE_CACHE_LINE_SIZE); return sz; } -- 2.11.0
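Review bot: In the changed line of rte_ring_get_memsize_elem(), the `(ssize_t)count * esize` cast widens the multiplication only where ssize_t is wider than unsigned int. On a target where ssize_t is 32 bits, the product can still overflow, and because the operand is now signed, that overflow is undefined behaviour rather than a defined wrap. The cast result is then added to `sizeof(struct rte_ring)`, which is a size_t, so the signed value is converted back to unsigned for the addition anyway; a `(size_t)` cast would express the intent more directly. Consider an explicit bound check before the multiplication, for example rejecting the request with -EINVAL (as the branch just above already does) when count exceeds the largest value for which `sizeof(struct rte_ring) + count * esize` plus cache-line alignment padding still fits in the return type. That makes the function safe regardless of the width of ssize_t, and it also covers the later `RTE_ALIGN(sz, RTE_CACHE_LINE_SIZE)` rounding, which the cast alone does not protect. A short comment on the line stating why the widening is needed would help future readers.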