Message ID | 1461321858-30339-1-git-send-email-michalx.kobylinski@intel.com (mailing list archive) |
---|---|
State | Rejected, archived |
Delegated to: | Thomas Monjalon |
Headers |
Return-Path: <dev-bounces@dpdk.org> X-Original-To: patchwork@dpdk.org Delivered-To: patchwork@dpdk.org Received: from [92.243.14.124] (localhost [IPv6:::1]) by dpdk.org (Postfix) with ESMTP id DA0D72E8D; Fri, 22 Apr 2016 13:15:07 +0200 (CEST) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by dpdk.org (Postfix) with ESMTP id 29BE32E83 for <dev@dpdk.org>; Fri, 22 Apr 2016 13:15:06 +0200 (CEST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga101.fm.intel.com with ESMTP; 22 Apr 2016 04:15:06 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.24,516,1455004800"; d="scan'208";a="964221379" Received: from gklab-246-020.igk.intel.com (HELO Sent) ([10.217.246.20]) by fmsmga002.fm.intel.com with SMTP; 22 Apr 2016 04:15:03 -0700 Received: by Sent (sSMTP sendmail emulation); Fri, 22 Apr 2016 12:44:22 +0200 From: Michal Kobylinski <michalx.kobylinski@intel.com> To: thomas.monjalon@6wind.com, dev@dpdk.org Cc: Michal Kobylinski <michalx.kobylinski@intel.com> Date: Fri, 22 Apr 2016 12:44:18 +0200 Message-Id: <1461321858-30339-1-git-send-email-michalx.kobylinski@intel.com> X-Mailer: git-send-email 1.9.1 Subject: [dpdk-dev] [PATCH] mem: fix overflowed return value X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: patches and discussions about DPDK <dev.dpdk.org> List-Unsubscribe: <http://dpdk.org/ml/options/dev>, <mailto:dev-request@dpdk.org?subject=unsubscribe> List-Archive: <http://dpdk.org/ml/archives/dev/> List-Post: <mailto:dev@dpdk.org> List-Help: <mailto:dev-request@dpdk.org?subject=help> List-Subscribe: <http://dpdk.org/ml/listinfo/dev>, <mailto:dev-request@dpdk.org?subject=subscribe> Errors-To: dev-bounces@dpdk.org Sender: "dev" <dev-bounces@dpdk.org> |
Commit Message
Michal Kobylinski
April 22, 2016, 10:44 a.m. UTC
Fix issue reported by Coverity.
Coverity ID 13255: Overflowed return value: The return value will be too
small or even negative, likely resulting in unexpected behavior in a
caller that uses the return value. In rte_mem_virt2phy: An integer
overflow occurs, with the overflowed value used as the return value of
the function
Fixes: 3097de6e6bfb ("mem: get physical address of any pointer")
Signed-off-by: Michal Kobylinski <michalx.kobylinski@intel.com>
---
lib/librte_eal/linuxapp/eal/eal_memory.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Comments
On Fri, 22 Apr 2016 12:44:18 +0200 Michal Kobylinski <michalx.kobylinski@intel.com> wrote: > Fix issue reported by Coverity. > > Coverity ID 13255: Overflowed return value: The return value will be too > small or even negative, likely resulting in unexpected behavior in a > caller that uses the return value. In rte_mem_virt2phy: An integer > overflow occurs, with the overflowed value used as the return value of > the function > > Fixes: 3097de6e6bfb ("mem: get physical address of any pointer") > > Signed-off-by: Michal Kobylinski <michalx.kobylinski@intel.com> > --- > lib/librte_eal/linuxapp/eal/eal_memory.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c > index 5b9132c..6ceca5b 100644 > --- a/lib/librte_eal/linuxapp/eal/eal_memory.c > +++ b/lib/librte_eal/linuxapp/eal/eal_memory.c > @@ -195,7 +195,7 @@ rte_mem_virt2phy(const void *virtaddr) > * the pfn (page frame number) are bits 0-54 (see > * pagemap.txt in linux Documentation) > */ > - physaddr = ((page & 0x7fffffffffffffULL) * page_size) > + physaddr = (uint64_t)((page & 0x7fffffffffffffULL) * page_size) > + ((unsigned long)virtaddr % page_size); > close(fd); > return physaddr; I am not trusting any of these Coverity patches you are sending. It seems you think wraparound can be just fixed by casting, it can't
>-----Original Message----- >From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Stephen Hemminger >Sent: Friday, April 22, 2016 6:25 PM >To: Kobylinski, MichalX <michalx.kobylinski@intel.com> >Cc: thomas.monjalon@6wind.com; dev@dpdk.org >Subject: Re: [dpdk-dev] [PATCH] mem: fix overflowed return value > >On Fri, 22 Apr 2016 12:44:18 +0200 >Michal Kobylinski <michalx.kobylinski@intel.com> wrote: > >> Fix issue reported by Coverity. >> >> Coverity ID 13255: Overflowed return value: The return value will be too >> small or even negative, likely resulting in unexpected behavior in a >> caller that uses the return value. In rte_mem_virt2phy: An integer >> overflow occurs, with the overflowed value used as the return value of >> the function >> >> Fixes: 3097de6e6bfb ("mem: get physical address of any pointer") >> >> Signed-off-by: Michal Kobylinski <michalx.kobylinski@intel.com> >> --- >> lib/librte_eal/linuxapp/eal/eal_memory.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c >b/lib/librte_eal/linuxapp/eal/eal_memory.c >> index 5b9132c..6ceca5b 100644 >> --- a/lib/librte_eal/linuxapp/eal/eal_memory.c >> +++ b/lib/librte_eal/linuxapp/eal/eal_memory.c >> @@ -195,7 +195,7 @@ rte_mem_virt2phy(const void *virtaddr) >> * the pfn (page frame number) are bits 0-54 (see >> * pagemap.txt in linux Documentation) >> */ >> - physaddr = ((page & 0x7fffffffffffffULL) * page_size) >> + physaddr = (uint64_t)((page & 0x7fffffffffffffULL) * page_size) >> + ((unsigned long)virtaddr % page_size); >> close(fd); >> return physaddr; > >I am not trusting any of these Coverity patches you are sending. >It seems you think wraparound can be just fixed by casting, it can't From my point of view it's False Possitive there is no chance that page_size will be bigger than long. Coverity Assume that page_size may be 18446744071562067968 but it can't. Only for glibc<2.1 we probably should change page_size = getpagesize(); to page_size = sysconf(_SC_PAGESIZE); May I change this Coverity to False Positive or I missed something ? What's your opinion ?
> -----Original Message----- > From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Mrzyglod, DanielX > T > Sent: Wednesday, June 08, 2016 1:41 PM > To: Stephen Hemminger <stephen@networkplumber.org>; Kobylinski, > MichalX <michalx.kobylinski@intel.com> > Cc: thomas.monjalon@6wind.com; dev@dpdk.org; > david.marchand@6wind.com > Subject: Re: [dpdk-dev] [PATCH] mem: fix overflowed return value > > > > >-----Original Message----- > >From: dev [mailto:dev-bounces@dpdk.org] On Behalf Of Stephen > Hemminger > >Sent: Friday, April 22, 2016 6:25 PM > >To: Kobylinski, MichalX <michalx.kobylinski@intel.com> > >Cc: thomas.monjalon@6wind.com; dev@dpdk.org > >Subject: Re: [dpdk-dev] [PATCH] mem: fix overflowed return value > > > >On Fri, 22 Apr 2016 12:44:18 +0200 > >Michal Kobylinski <michalx.kobylinski@intel.com> wrote: > > > >> Fix issue reported by Coverity. > >> > >> Coverity ID 13255: Overflowed return value: The return value will be too > >> small or even negative, likely resulting in unexpected behavior in a > >> caller that uses the return value. In rte_mem_virt2phy: An integer > >> overflow occurs, with the overflowed value used as the return value of > >> the function > >> > >> Fixes: 3097de6e6bfb ("mem: get physical address of any pointer") > >> > >> Signed-off-by: Michal Kobylinski <michalx.kobylinski@intel.com> > >> --- > >> lib/librte_eal/linuxapp/eal/eal_memory.c | 2 +- > >> 1 file changed, 1 insertion(+), 1 deletion(-) > >> > >> diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c > >b/lib/librte_eal/linuxapp/eal/eal_memory.c > >> index 5b9132c..6ceca5b 100644 > >> --- a/lib/librte_eal/linuxapp/eal/eal_memory.c > >> +++ b/lib/librte_eal/linuxapp/eal/eal_memory.c > >> @@ -195,7 +195,7 @@ rte_mem_virt2phy(const void *virtaddr) > >> * the pfn (page frame number) are bits 0-54 (see > >> * pagemap.txt in linux Documentation) > >> */ > >> - physaddr = ((page & 0x7fffffffffffffULL) * page_size) > >> + physaddr = (uint64_t)((page & 0x7fffffffffffffULL) * page_size) > >> + ((unsigned long)virtaddr % page_size); > >> close(fd); > >> return physaddr; > > > >I am not trusting any of these Coverity patches you are sending. > >It seems you think wraparound can be just fixed by casting, it can't > > From my point of view it's False Possitive there is no chance that page_size > will be bigger than long. > Coverity Assume that page_size may be 18446744071562067968 but it can't. > > Only for glibc<2.1 we probably should change page_size = getpagesize(); to > page_size = sysconf(_SC_PAGESIZE); > May I change this Coverity to False Positive or I missed something ? What's > your opinion ? Hi David, What is Your opinion about classifying this defect as false/positive? We would like to move forward with this work. Michal
diff --git a/lib/librte_eal/linuxapp/eal/eal_memory.c b/lib/librte_eal/linuxapp/eal/eal_memory.c index 5b9132c..6ceca5b 100644 --- a/lib/librte_eal/linuxapp/eal/eal_memory.c +++ b/lib/librte_eal/linuxapp/eal/eal_memory.c @@ -195,7 +195,7 @@ rte_mem_virt2phy(const void *virtaddr) * the pfn (page frame number) are bits 0-54 (see * pagemap.txt in linux Documentation) */ - physaddr = ((page & 0x7fffffffffffffULL) * page_size) + physaddr = (uint64_t)((page & 0x7fffffffffffffULL) * page_size) + ((unsigned long)virtaddr % page_size); close(fd); return physaddr;