2022-11-21 17:32 (UTC-0500), ok...@kernel.org: > From: Sinan Kaya <ok...@kernel.org> > > In eal_memalloc_is_contig result of call to rte_fbarray_get > is dereferenced here and may be null. > > Signed-off-by: Sinan Kaya <ok...@kernel.org> > --- > lib/eal/common/eal_common_memalloc.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/lib/eal/common/eal_common_memalloc.c > b/lib/eal/common/eal_common_memalloc.c > index ab04479c1c..24506f8447 100644 > --- a/lib/eal/common/eal_common_memalloc.c > +++ b/lib/eal/common/eal_common_memalloc.c > @@ -126,6 +126,9 @@ eal_memalloc_is_contig(const struct rte_memseg_list *msl, > void *start, > > /* skip first iteration */ > ms = rte_fbarray_get(&msl->memseg_arr, start_seg); > + if (ms == NULL) > + return false; > + > cur = ms->iova; > expected = cur + pgsz; > > @@ -137,7 +140,7 @@ eal_memalloc_is_contig(const struct rte_memseg_list *msl, > void *start, > cur_seg++, expected += pgsz) { > ms = rte_fbarray_get(&msl->memseg_arr, cur_seg); > > - if (ms->iova != expected) > + if ((ms != NULL) && (ms->iova != expected)) > return false; > } > }
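Review bot: In the first hunk, the new `if (ms == NULL)` / `return false;` after `rte_fbarray_get(&msl->memseg_arr, start_seg)` reports a missing element as "not contiguous", so the caller cannot tell an unexpected NULL apart from a range that really is discontiguous. If NULL is not expected at this point, an assertion or a log message before the return would make that explicit; if it is expected, a short comment saying when it can happen would help.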
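Review bot: In the second hunk, `if ((ms != NULL) && (ms->iova != expected))` skips the comparison when `ms` is NULL and lets the loop continue, so a missing element inside the range is counted as contiguous, which is the opposite of the first hunk, where NULL returns false. For consistent handling, consider `if (ms == NULL || ms->iova != expected)` followed by `return false;`. The parentheses around each operand are also unnecessary.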
Invariant: "msl->memseg_arr" elements for existing memsegs are used. RTE_ASSERT(rte_fbarray_is_used(&msl->memseg_arr, ...)) would be sufficient.