Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

null return from allocation being dereferenced in memcpy #46

Closed
ColinIanKing opened this issue Jun 19, 2023 · 2 comments
Closed

null return from allocation being dereferenced in memcpy #46

ColinIanKing opened this issue Jun 19, 2023 · 2 comments

Comments

@ColinIanKing
Copy link
Contributor

ColinIanKing commented Jun 19, 2023
edited
Loading

source: ./quickassist/lookaside/access_layer/src/sample_code/functional/dc/stateless_multi_op_checksum_sample/cpa_dc_stateless_multi_op_checksum_sample.c - function compPerformOp:

lines: 262..266
        if (CPA_STATUS_SUCCESS == status)
        {
            status = OS_MALLOC(&bufferListDstArray[bufferNum].pBuffers,
                               sizeof(CpaFlatBuffer));
        }

lines: 296..311:


        if (CPA_STATUS_SUCCESS == status)
        {
            status = PHYS_CONTIG_ALLOC(
                &bufferListDstArray[bufferNum].pBuffers->pData, bufferSize);
            bufferListDstArray[bufferNum].pBuffers->dataLenInBytes = bufferSize;
        }
        if (CPA_STATUS_SUCCESS == status)
        {
            status = PHYS_CONTIG_ALLOC(
                &bufferListDstArray2[bufferNum].pBuffers->pData, bufferSize);
            bufferListDstArray2[bufferNum].pBuffers->dataLenInBytes =
                bufferSize;
        }
        memcpy(bufferListSrcArray[bufferNum].pBuffers->pData,
               sampleData + (bufferNum * bufferSize),
               bufferSize);

bufferListSrcArray[bufferNum].pBuffers may be null if the call to OS_MALLOC fails, so the deference via &bufferListDstArray[bufferNum].pBuffers->pData in the PHYS_CONTIG_ALLOC() call will cause a segmentation fault.

The memcpy call accesses bufferListSrcArray[bufferNum].pBuffers->pData that may be null if the call to PHYS_CONTIG_ALLOC fails, also causing a segmentation fault.
@fionatrahe
Copy link
Contributor

Thank Colin. taking this into our internal team, will include the fix in the next release.

fionatrahe added a commit that referenced this issue Sep 8, 2023
@fionatrahe
Add resolved errata for two issues
47ce96b 
Add errata to the Resolved Issues section of the README.md
for these issues raised on the public qatlib repo:
#38 (QATE-90845)
#46 (QATE-93278)

Also remove an unnecessary blank line in first row of
Revision history table.

Signed-off-by: Fiona Trahe <[email protected]>
fionatrahe added a commit that referenced this issue Sep 8, 2023
@fionatrahe
Add resolved errata for two issues
a72e39a 
Add errata to the Resolved Issues section of the README.md
for these issues raised on the public qatlib repo:
#38 (QATE-90845)
#46 (QATE-93278)

Also remove an unnecessary blank line in first row of
Revision history table.

Signed-off-by: Fiona Trahe <[email protected]>
@fionatrahe fionatrahe mentioned this issue Sep 8, 2023
Merged
gcabiddu pushed a commit that referenced this issue Sep 8, 2023
@fionatrahe @gcabiddu
Add resolved errata for two issues
7429ee2 
Add errata to the Resolved Issues section of the README.md
for these issues raised on the public qatlib repo:
#38 (QATE-90845)
#46 (QATE-93278)

Also remove an unnecessary blank line in first row of
Revision history table.

Signed-off-by: Fiona Trahe <[email protected]>
@fionatrahe
Copy link
Contributor

https://github.com/intel/qatlib#qate-93278 Fixed in qatlib 23.08

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ColinIanKing @fionatrahe