From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 5E5C345CE8; Mon, 11 Nov 2024 12:24:45 +0100 (CET) Received: from mails.dpdk.org (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id E6CA240E0C; Mon, 11 Nov 2024 12:24:44 +0100 (CET) Received: from fhigh-a4-smtp.messagingengine.com (fhigh-a4-smtp.messagingengine.com [103.168.172.155]) by mails.dpdk.org (Postfix) with ESMTP id 1A1364060C for ; Mon, 11 Nov 2024 12:24:43 +0100 (CET) Received: from phl-compute-05.internal (phl-compute-05.phl.internal [10.202.2.45]) by mailfhigh.phl.internal (Postfix) with ESMTP id B7C2D114010D; Mon, 11 Nov 2024 06:24:42 -0500 (EST) Received: from phl-mailfrontend-02 ([10.202.2.163]) by phl-compute-05.internal (MEProxy); Mon, 11 Nov 2024 06:24:42 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=monjalon.net; h= cc:cc:content-transfer-encoding:content-type:content-type:date :date:from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to; s=fm3; t=1731324282; x=1731410682; bh=72pKY8Bq5xIDkp75pO0SkgOJ9oZ2i/VVluBB352TeVM=; b= Hn4mm/nGb0yKDrvvhQnVKBH6iqBOnFtZtvT2QTqa95sVmhbqmHInfdJAFtXzbSam OOg+Dt/WeQxv7/MhVJQgs3pZzxdGth+wwzQzyxfcUjYoDhF66HGTG6BZmmOvYj4w BbkHgVBHYKlcJwcJDlIjC11VCvigl66J7M4iKGwYM7TRJIdSI1m09jV5V56KiP/3 XhVuTyU17ZejX6jgsmDGPYrHtBHHWONsQQSnIKYHpVl1uJlIwVYYwXEoUyfaVJtj 7CsoIxvcMS2fj78DnAPBI8hg4Fr7vjuaOuYALjg6snLWHcDfYHeurJrnEVCrYzM5 CTvZJnAf4ixcoWxHAU8C8g== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1731324282; x= 1731410682; bh=72pKY8Bq5xIDkp75pO0SkgOJ9oZ2i/VVluBB352TeVM=; b=F trbj8NDleKEC20sHi8s67OXaXp+xa5kek75WEl3u2HkTTUjGCZVc/VRmI4v9YqX4 YFLvx22um3y9yQ04GU8XX5OohDEUHIW3MND/5NREQCDeEqs6Pp3TBECdDraZ0WPZ xgTvjV9XE8paWexWOO5/Iii9GnMeGhcJ8/PG5Lug/MGxWz8LtgFnbntuPFkFNSff rZKJi93vi+gHF19YgF4jtC0CVEpxkvO03g7WM8l5JSP1+Sk6OXKWymuf8KgHq5X5 Eq62GTwMBvLS7PYCtrl1hXtRA4nkEA3qSp+Fwq2vO9W3eOYfLC8WKlusiGT1Z48r HaoinIr0lCgM/hQPTQCFQ== X-ME-Sender: X-ME-Received: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeefuddruddvgddvjecutefuodetggdotefrodftvf curfhrohhfihhlvgemucfhrghsthforghilhdpggftfghnshhusghstghrihgsvgdpuffr tefokffrpgfnqfghnecuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnth hsucdlqddutddtmdenucfjughrpefhvfevufffkfgjfhgggfgtsehtufertddttdejnecu hfhrohhmpefvhhhomhgrshcuofhonhhjrghlohhnuceothhhohhmrghssehmohhnjhgrlh honhdrnhgvtheqnecuggftrfgrthhtvghrnhepjeduveehieevuddutdevfffgtdegkeeu veejffejgedtgeegkefgvdeugfefkeejnecuvehluhhsthgvrhfuihiivgeptdenucfrrg hrrghmpehmrghilhhfrhhomhepthhhohhmrghssehmohhnjhgrlhhonhdrnhgvthdpnhgs pghrtghpthhtohepgedpmhhouggvpehsmhhtphhouhhtpdhrtghpthhtohepvhhighhnvg hshhdrphhurhhushhhohhthhgrmhdrshhrihhnihhvrghssegvrhhitghsshhonhdrtgho mhdprhgtphhtthhopeguvghvseguphgukhdrohhrghdprhgtphhtthhopehkohhnshhtrg hnthhinhdrvhdrrghnrghnhigvvheshigrnhguvgigrdhruhdprhgtphhtthhopehsthgv phhhvghnsehnvghtfihorhhkphhluhhmsggvrhdrohhrgh X-ME-Proxy: Feedback-ID: i47234305:Fastmail Received: by mail.messagingengine.com (Postfix) with ESMTPA; Mon, 11 Nov 2024 06:24:41 -0500 (EST) From: Thomas Monjalon To: vignesh.purushotham.srinivas@ericsson.com Cc: dev@dpdk.org, konstantin.v.ananyev@yandex.ru, Stephen Hemminger Subject: Re: [RFC] ip_frag: support IPv6 reassembly with extensions Date: Mon, 11 Nov 2024 12:24:40 +0100 Message-ID: <14465732.5MRjnR8RnV@thomas> In-Reply-To: <20240213195107.736fb1e4@hermes.local> References: <20240213114727.550209-1-vignesh.purushotham.srinivas@ericsson.com> <20240213195107.736fb1e4@hermes.local> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="utf-8" X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org 14/02/2024 04:51, Stephen Hemminger: > On Tue, 13 Feb 2024 12:47:27 +0100 > wrote: > > > +/* > > + * Function to crawl through the extension header stack. > > + * This function breaks as soon a the fragment header is > > + * found and returns the total length the traversed exts > > + * and the last extension before the fragment header > > + */ > > +static inline uint32_t > > +ip_frag_get_last_exthdr(struct rte_ipv6_hdr *ip_hdr, uint8_t **last_ext) > > +{ > > + uint32_t total_len = 0; > > + size_t ext_len = 0; > > + *last_ext = (uint8_t *)(ip_hdr + 1); > > + int next_proto = ip_hdr->proto; > > + > > + while (next_proto != IPPROTO_FRAGMENT && > > + (next_proto = rte_ipv6_get_next_ext( > > + *last_ext, next_proto, &ext_len)) >= 0) { > > + > > + total_len += ext_len; > > + > > + if (next_proto == IPPROTO_FRAGMENT) > > + return total_len; > > + > > + *last_ext += ext_len; > > + } > > + > > + return total_len; > > +} > > Doing endless loop like this opens up DoS attacks. > Better to use rte_next_skip_ip6_ext() or do similar limited loop. There was no reply to this interesting comment?