From mboxrd@z Thu Jan 1 00:00:00 1970 From: Thomas Monjalon Subject: Re: [PATCH] eal: Copy raw strings taken from command line Date: Mon, 09 Oct 2017 23:27:11 +0200 Message-ID: <94235766.fjgY1ahyDR@xps> References: <20170804185357.6612-1-patrick@patrickmacarthur.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7Bit Cc: dev@dpdk.org, Sergio Gonzalez Monroy , stable@dpdk.org To: Patrick MacArthur Return-path: In-Reply-To: List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org Sender: "dev" 04/09/2017 12:12, Sergio Gonzalez Monroy: > On 04/08/2017 19:53, Patrick MacArthur wrote: > > Normally, command line argument strings are considered immutable, but > > SPDK [1] and urdma [2] construct argv arrays to pass to rte_eal_init(). > > These strings are allocated using malloc() and freed after DPDK > > initialization with free(). However, in the case of --file-prefix and > > --huge-dir, DPDK takes the pointer to these strings in argv directly. If > > a secondary process calls rte_eal_pci_probe() after rte_eal_init() > > returns, as is done by SPDK, this causes a use-after-free error because > > the strings have been freed by the calling code immediately after > > rte_eal_init() returns. [...] > > Fix this by using strdup() to create separate memory buffers for these > > strings. Note that this patch will cause valgrind to report memory > > leaks of these buffers as there is nowhere to free them. Using static > > buffers is an option but would make these strings have a fixed maximum > > length whereas there is currently no limit defined by the API. > > > > [1] http://spdk.io > > [2] https://github.com/zrlio/urdma > > > > Fixes: af75078fece3 ("first public release") > > Cc: stable@dpdk.org > > > > Signed-off-by: Patrick MacArthur > > Acked-by: Sergio Gonzalez Monroy Applied, thanks