https://bugs.linaro.org/show_bug.cgi?id=3581
Bug ID: 3581 Summary: classification: invalid memory access in RSS hash Product: OpenDataPlane - linux- generic reference Version: master Hardware: Other OS: Linux Status: UNCONFIRMED Severity: major Priority: --- Component: Classification Assignee: bala.manoha...@linaro.org Reporter: or...@starflownetworks.com CC: lng-odp@lists.linaro.org Target Milestone: --- In packet_rss_hash() the IPv4, IPv6, TCP and UDP fields are obtained adding the L3 and L4 offsets to the base pointer of the packet: ipv4 = (const _odp_ipv4hdr_t *)base + pkt_hdr->p.l3_offset; However, in C the cast operator has precedence over the addition operator. The addition is done using pointer arithmetic (_odp_ipv4hdr_t*), rather than byte arithmetic (uint8_t*). For IPv4, the access is 266 bytes off. This causes incorrect hashing and potential segmentation fault. The correct access would be: ipv4 = (const _odp_ipv4hdr_t *)(base + pkt_hdr->p.l3_offset); -- You are receiving this mail because: You are on the CC list for the bug.