From mboxrd@z Thu Jan 1 00:00:00 1970 From: Yuanhan Liu Subject: Re: [PATCH] net/virtio: do not gso when no header is present Date: Mon, 30 Jan 2017 20:42:41 +0800 Message-ID: <20170130124241.GF20916@yliu-dev.sh.intel.com> References: <20170124203603.3887-1-emmanuel.roullit@gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: huawei.xie@intel.com, dev@dpdk.org, Thomas Monjalon , stable@dpdk.org To: Emmanuel Roullit Return-path: Content-Disposition: inline In-Reply-To: <20170124203603.3887-1-emmanuel.roullit@gmail.com> List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" On Tue, Jan 24, 2017 at 09:36:03PM +0100, Emmanuel Roullit wrote: > Found with clang static analysis: > lib/librte_vhost/virtio_net.c:723:17: warning: > Access to field 'data_off' results in a dereference of a null pointer > (loaded from variable 'tcp_hdr') > m->l4_len = (tcp_hdr->data_off & 0xf0) >> 2; > ^~~~~~~~~~~~~~~~~ This is a good fix, thanks. But there are few minor nits. Firstly, prefix is wrong: it should be "vhost" but not "net/virtio". > Fixes: 2a51b1091cb5 ("vhost: support indirect descriptor in non-mergeable Rx") That's not the original commit introduced such issue, d0cf91303d73 ("vhost: add Tx offload capabilities") is. I actually saw you have made this kind of mistakes (referencing the wrong culprit commit) few times. I'm wondering how did you get that. Besides those, I think it's a good candidate for a stable release: thinking that a malicious guest might forge some invalid virtio net headers, which would make this potential NULL dereference become real. So, Cc: stable@dpdk.org, And Applied to dpdk-next-virtio. --yliu