[dpdk-dev] New Coverity defects in VFIO

Stephen Hemminger Thu, 11 May 2017 09:39:07 -0700

Looks like obvious C array bounds issues...

Begin forwarded message:


Date: Thu, 11 May 2017 06:32:38 -0700
From: scan-ad...@coverity.com
To: step...@networkplumber.org
Subject: New Defects reported by Coverity Scan for DPDK Data Plane Development 
Kit


Hi,

Please find the latest report on new defect(s) introduced to DPDK Data Plane 
Development Kit found with Coverity Scan.

4 new defect(s) introduced to DPDK Data Plane Development Kit found with 
Coverity Scan.
4 defect(s), reported by Coverity Scan earlier, were marked fixed in the recent 
build analyzed by Coverity Scan.

New defect(s) Reported-by: Coverity Scan
Showing 4 of 4 defect(s)


** CID 144558:  Parse warnings  (PARSE_ERROR)
/tmp/auto-config-h.sh.116891.c: 3 in ()


________________________________________________________________________________________________________
*** CID 144558:  Parse warnings  (PARSE_ERROR)
/tmp/auto-config-h.sh.116891.c: 3 in ()
1     #include <linux/pkt_cls.h>
2     
>>>     CID 144558:  Parse warnings  (PARSE_ERROR)
>>>     identifier "TCA_FLOWER_KEY_VLAN_PRIO" is undefined  

** CID 144557:  Memory - corruptions  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 207 in vfio_group_device_put()


________________________________________________________________________________________________________
*** CID 144557:  Memory - corruptions  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 207 in vfio_group_device_put()
201             int i;
202     
203             i = get_vfio_group_idx(vfio_group_fd);
204             if (i < 0 || i > VFIO_MAX_GROUPS)
205                     RTE_LOG(ERR, EAL, "  wrong vfio_group index (%d)\n", i);
206             else
>>>     CID 144557:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements at 
>>> element index 64 (byte offset 768) using index "i" (which evaluates to 64). 
>>>  
207                     vfio_cfg.vfio_groups[i].devices--;
208     }
209     
210     static int
211     vfio_group_device_count(int vfio_group_fd)
212     {

** CID 144556:  Memory - illegal accesses  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 221 in vfio_group_device_count()


________________________________________________________________________________________________________
*** CID 144556:  Memory - illegal accesses  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 221 in vfio_group_device_count()
215             i = get_vfio_group_idx(vfio_group_fd);
216             if (i < 0 || i > VFIO_MAX_GROUPS) {
217                     RTE_LOG(ERR, EAL, "  wrong vfio_group index (%d)\n", i);
218                     return -1;
219             }
220     
>>>     CID 144556:  Memory - illegal accesses  (OVERRUN)
>>>     Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements at 
>>> element index 64 (byte offset 768) using index "i" (which evaluates to 64). 
>>>  
221             return vfio_cfg.vfio_groups[i].devices;
222     }
223     
224     int
225     clear_group(int vfio_group_fd)
226     {

** CID 144555:  Memory - corruptions  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 195 in vfio_group_device_get()


________________________________________________________________________________________________________
*** CID 144555:  Memory - corruptions  (OVERRUN)
/lib/librte_eal/linuxapp/eal/eal_vfio.c: 195 in vfio_group_device_get()
189             int i;
190     
191             i = get_vfio_group_idx(vfio_group_fd);
192             if (i < 0 || i > VFIO_MAX_GROUPS)
193                     RTE_LOG(ERR, EAL, "  wrong vfio_group index (%d)\n", i);
194             else
>>>     CID 144555:  Memory - corruptions  (OVERRUN)
>>>     Overrunning array "vfio_cfg.vfio_groups" of 64 12-byte elements at 
>>> element index 64 (byte offset 768) using index "i" (which evaluates to 64). 
>>>  
195                     vfio_cfg.vfio_groups[i].devices++;
196     }
197     
198     static void
199     vfio_group_device_put(int vfio_group_fd)
200     {


________________________________________________________________________________________________________
To view the defects in Coverity Scan visit, 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRatAu7kfwx-2FEYQLnaewVIzHeicA-2BXVfT6hZ5-2BlQUbOEuO498PDBpm2du3zbqLAIkSYNH-2F4pgPd0yf8CgX5U0jRj_5xu02FVv-2BCbxTLHpBsC0RXI5u3ZIuvswXolnGx3HI6n1gq9Xsuj8K50wQIlWov7yyQRBN8re6yFBwOsnahFZyjQW3aqTA5h9rz-2BI7CfexKV5NFlSm1lW-2Fiif3a6-2Fu7-2Fs613T3n94FacSVILpwmgH4KcYzHtMPdTwJy1kCK02zCViEtNsq-2FCKPHCFx1r4p5UV6Psx61JLzOXw56M2GSEUOPo8sP2PR2MWjeCdy5rfIyU-3D

To manage Coverity Scan email notifications for "step...@networkplumber.org", 
click 
https://u2389337.ct.sendgrid.net/wf/click?upn=08onrYu34A-2BWcWUl-2F-2BfV0V05UPxvVjWch-2Bd2MGckcRbVDbis712qZDP-2FA8y06Nq4sKfrkUL5oDv8dgJj5BU3IfRYzaFCVGnOstQOuK3KKCEYrqlxJ2-2FPVogkBzkcq1Dg-2FyXbbLWT-2BUFivnCf-2Ffy5pynld3GGM7zvzbDuODpBlYA-3D_5xu02FVv-2BCbxTLHpBsC0RXI5u3ZIuvswXolnGx3HI6n1gq9Xsuj8K50wQIlWov7yyQRBN8re6yFBwOsnahFZygYSNuU7rrSKQtPVcIi21MDpz6KZwG8nS4KmgXtet9991WL1lHRPs9GRo4zwJ-2Bnb-2FTnQYqob6zFOkhFpJ-2FjhXOQt2JMEhg-2FflJvekTxexy1BKKt-2FaadTS9JcUmvbkxxm73IxfO8iGv39u0aDGpPB0r8-3D

[dpdk-dev] New Coverity defects in VFIO

Reply via email to