From: Andrew Rybchenko <arybchenko@solarflare.com>
To: <dev@dpdk.org>
Cc: Richard Houldsworth <rhouldsworth@solarflare.com>
Subject: [dpdk-dev] [PATCH 43/80] net/sfc/base: resolve code analysis warnings
Date: Tue, 20 Feb 2018 07:34:01 +0000 [thread overview]
Message-ID: <1519112078-20113-44-git-send-email-arybchenko@solarflare.com> (raw)
In-Reply-To: <1519112078-20113-1-git-send-email-arybchenko@solarflare.com>
From: Richard Houldsworth <rhouldsworth@solarflare.com>
Minimal changes adding buffer size checks and simplifying checksum
processing.
Signed-off-by: Richard Houldsworth <rhouldsworth@solarflare.com>
Signed-off-by: Andrew Rybchenko <arybchenko@solarflare.com>
---
drivers/net/sfc/base/efx_bootcfg.c | 67 +++++++++++++++++++++++++++-----------
1 file changed, 48 insertions(+), 19 deletions(-)
diff --git a/drivers/net/sfc/base/efx_bootcfg.c b/drivers/net/sfc/base/efx_bootcfg.c
index 3a29306..715e18e 100644
--- a/drivers/net/sfc/base/efx_bootcfg.c
+++ b/drivers/net/sfc/base/efx_bootcfg.c
@@ -209,19 +209,25 @@ efx_bootcfg_copy_sector(
size_t used_bytes;
efx_rc_t rc;
+ /* Minimum buffer is checksum byte and DHCP_END terminator */
+ if (data_size < 2) {
+ rc = ENOSPC;
+ goto fail1;
+ }
+
/* Verify that the area is correctly formatted and checksummed */
rc = efx_bootcfg_verify(enp, sector, sector_length,
&used_bytes);
if (!handle_format_errors) {
if (rc != 0)
- goto fail1;
+ goto fail2;
if ((used_bytes < 2) ||
(sector[used_bytes - 1] != DHCP_END)) {
/* Block too short, or DHCP_END missing */
rc = ENOENT;
- goto fail2;
+ goto fail3;
}
}
@@ -255,9 +261,13 @@ efx_bootcfg_copy_sector(
*/
if (used_bytes > data_size) {
rc = ENOSPC;
- goto fail3;
+ goto fail4;
}
- memcpy(data, sector, used_bytes);
+
+ data[0] = 0; /* checksum, updated below */
+
+ /* Copy all after the checksum to the target buffer */
+ memcpy(data + 1, sector + 1, used_bytes - 1);
/* Zero out the unused portion of the target buffer */
if (used_bytes < data_size)
@@ -271,6 +281,8 @@ efx_bootcfg_copy_sector(
return (0);
+fail4:
+ EFSYS_PROBE(fail4);
fail3:
EFSYS_PROBE(fail3);
fail2:
@@ -295,6 +307,12 @@ efx_bootcfg_read(
efx_rc_t rc;
uint32_t sector_number;
+ /* Minimum buffer is checksum byte and DHCP_END terminator */
+ if (size < 2) {
+ rc = ENOSPC;
+ goto fail1;
+ }
+
#if EFSYS_OPT_HUNTINGTON || EFSYS_OPT_MEDFORD || EFSYS_OPT_MEDFORD2
sector_number = enp->en_nic_cfg.enc_pf;
#else
@@ -302,13 +320,18 @@ efx_bootcfg_read(
#endif
rc = efx_nvram_size(enp, EFX_NVRAM_BOOTROM_CFG, &partn_length);
if (rc != 0)
- goto fail1;
+ goto fail2;
/* The bootcfg sector may be stored in a (larger) shared partition */
rc = efx_bootcfg_sector_info(enp, sector_number,
NULL, §or_offset, §or_length);
if (rc != 0)
- goto fail2;
+ goto fail3;
+
+ if (sector_length < 2) {
+ rc = EINVAL;
+ goto fail4;
+ }
if (sector_length > BOOTCFG_MAX_SIZE)
sector_length = BOOTCFG_MAX_SIZE;
@@ -316,7 +339,7 @@ efx_bootcfg_read(
if (sector_offset + sector_length > partn_length) {
/* Partition is too small */
rc = EFBIG;
- goto fail3;
+ goto fail5;
}
/*
@@ -329,28 +352,28 @@ efx_bootcfg_read(
EFSYS_KMEM_ALLOC(enp->en_esip, sector_length, payload);
if (payload == NULL) {
rc = ENOMEM;
- goto fail4;
+ goto fail6;
}
} else
payload = (uint8_t *)data;
if ((rc = efx_nvram_rw_start(enp, EFX_NVRAM_BOOTROM_CFG, NULL)) != 0)
- goto fail5;
+ goto fail7;
if ((rc = efx_nvram_read_chunk(enp, EFX_NVRAM_BOOTROM_CFG,
sector_offset, (caddr_t)payload, sector_length)) != 0) {
(void) efx_nvram_rw_finish(enp, EFX_NVRAM_BOOTROM_CFG, NULL);
- goto fail6;
+ goto fail8;
}
if ((rc = efx_nvram_rw_finish(enp, EFX_NVRAM_BOOTROM_CFG, NULL)) != 0)
- goto fail7;
+ goto fail9;
/* Verify that the area is correctly formatted and checksummed */
rc = efx_bootcfg_verify(enp, payload, sector_length,
&used_bytes);
if (rc != 0 || used_bytes == 0) {
- payload[0] = (uint8_t)(~DHCP_END & 0xff);
+ payload[0] = 0;
payload[1] = DHCP_END;
used_bytes = 2;
}
@@ -365,10 +388,8 @@ efx_bootcfg_read(
* so reinitialise the sector if there isn't room for the character.
*/
if (payload[used_bytes - 1] != DHCP_END) {
- if (used_bytes + 1 > sector_length) {
- payload[0] = 0;
+ if (used_bytes >= sector_length)
used_bytes = 1;
- }
payload[used_bytes] = DHCP_END;
++used_bytes;
@@ -380,10 +401,14 @@ efx_bootcfg_read(
*/
if (used_bytes > size) {
rc = ENOSPC;
- goto fail8;
+ goto fail10;
}
+
+ data[0] = 0; /* checksum, updated below */
+
if (sector_length > size) {
- memcpy(data, payload, used_bytes);
+ /* Copy all after the checksum to the target buffer */
+ memcpy(data + 1, payload + 1, used_bytes - 1);
EFSYS_KMEM_FREE(enp->en_esip, sector_length, payload);
}
@@ -399,16 +424,20 @@ efx_bootcfg_read(
return (0);
+fail10:
+ EFSYS_PROBE(fail10);
+fail9:
+ EFSYS_PROBE(fail9);
fail8:
EFSYS_PROBE(fail8);
fail7:
EFSYS_PROBE(fail7);
+ if (sector_length > size)
+ EFSYS_KMEM_FREE(enp->en_esip, sector_length, payload);
fail6:
EFSYS_PROBE(fail6);
fail5:
EFSYS_PROBE(fail5);
- if (sector_length > size)
- EFSYS_KMEM_FREE(enp->en_esip, sector_length, payload);
fail4:
EFSYS_PROBE(fail4);
fail3:
--
2.7.4
next prev parent reply other threads:[~2018-02-20 7:35 UTC|newest]
Thread overview: 82+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-20 7:33 [dpdk-dev] [PATCH 00/80] net/sfc/base: update base driver Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 01/80] net/sfc: add missing defines for SAL annotation Andrew Rybchenko
2018-03-05 20:47 ` Ferruh Yigit
2018-02-20 7:33 ` [dpdk-dev] [PATCH 02/80] net/sfc/base: regenerate files with genfwdef after ID update Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 03/80] net/sfc/base: update autogenerated headers from firmwaresrc Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 04/80] net/sfc/base: add 3.3V and 12.0V current sensors Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 05/80] net/sfc/base: add Medford2 PCI IDs Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 06/80] net/sfc/base: add efsys option for Medford2 Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 07/80] net/sfc/base: add Medford2 support to NIC module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 08/80] net/sfc/base: correct PIO buffer dimensions for Medford2 Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 09/80] net/sfc/base: move RxDP config get to EF10 NIC code Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 10/80] net/sfc/base: add Medford2 support to EV module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 11/80] net/sfc/base: add Medford2 support to FILTER module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 12/80] net/sfc/base: add Medford2 support to INTR module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 13/80] net/sfc/base: add Medford2 support to MAC module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 14/80] net/sfc/base: add Medford2 support to MCDI module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 15/80] net/sfc/base: add Medford2 support to PHY module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 16/80] net/sfc/base: add Medford2 support to Rx module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 17/80] net/sfc/base: add Medford2 support to Tx module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 18/80] net/sfc/base: add Medford2 support to NVRAM module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 19/80] net/sfc/base: add Medford2 support to SRAM module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 20/80] net/sfc/base: add Medford2 support to BOOTCFG module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 21/80] net/sfc/base: add Medford2 support to VPD module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 22/80] net/sfc/base: add Medford2 support to MON module Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 23/80] net/sfc/base: support runtime VI window size Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 24/80] net/sfc/base: improve comments for EF10 ext port mapping Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 25/80] net/sfc/base: add method to make checksum option descriptors Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 26/80] net/sfc/base: update hardware headers for Medford2 Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 27/80] net/sfc/base: refactoring eliminating code analysis warnings Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 28/80] net/sfc/base: fix too long line Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 29/80] net/sfc/base: update notes on interrupt testing on VFs Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 30/80] net/sfc/base: report memory BAR number Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 31/80] net/sfc/base: simplify loopback type checking Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 32/80] net/sfc/base: add support new link modes Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 33/80] net/sfc/base: add new loopback modes Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 34/80] net/sfc/base: add efsys macro to get memory region size Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 35/80] net/sfc/base: handle new speeds in linkchange events Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 36/80] net/sfc/base: refactor EF10 get datapath capabilities Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 37/80] net/sfc/base: retrieve number of MAC stats from NIC Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 38/80] net/sfc/base: improve robustness of MAC stats get via MCDI Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 39/80] net/sfc/base: use MAC stats DMA buffer size from caps Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 40/80] net/sfc/base: use MAC stats DMA buffer size when decoding Andrew Rybchenko
2018-02-20 7:33 ` [dpdk-dev] [PATCH 41/80] net/sfc/base: run mkconfig.py to add FEC MAC stats Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 42/80] net/sfc/base: decode Medford2 FEC stats if available Andrew Rybchenko
2018-02-20 7:34 ` Andrew Rybchenko [this message]
2018-02-20 7:34 ` [dpdk-dev] [PATCH 44/80] net/sfc: size MAC stats DMA buffer to support Medford2 Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 45/80] net/sfc/base: remove MAC stats size define Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 46/80] net/sfc/base: use correct name for frame truncation event Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 47/80] net/sfc/base: add ef10 NIC board config method Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 48/80] net/sfc/base: move port config to ef10 NIC board config Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 49/80] net/sfc/base: move PF/VF " Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 50/80] net/sfc/base: move MAC address config to ef10 NIC board cfg Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 51/80] net/sfc/base: move legacy board " Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 52/80] net/sfc/base: move PHY/link " Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 53/80] net/sfc/base: move datapath " Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 54/80] net/sfc/base: move Rx config to ef10 NIC board config Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 55/80] net/sfc/base: move Tx " Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 56/80] net/sfc/base: move limits " Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 57/80] net/sfc/base: move vector " Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 58/80] net/sfc/base: move privilege " Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 59/80] net/sfc/base: move VI window size config to ef10 NIC board Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 60/80] net/sfc/base: remove obsolete comments Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 61/80] net/sfc/base: support FEC mode settings Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 62/80] net/sfc/base: support Medford2 event timer semantics Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 63/80] net/sfc/base: clarify port mode names and masks Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 64/80] net/sfc/base: group Medford external port mapping entries Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 65/80] net/sfc/base: add Medford2 support for external port numbers Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 66/80] net/sfc/base: add Medford2 support for licencing Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 67/80] net/sfc/base: add Medford2 support for tunnel encapsulations Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 68/80] net/sfc/base: provide a flag for controlling CTPIO mode Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 69/80] net/sfc/base: add 1.3V voltage and current sensors Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 70/80] net/sfc/base: document the event type for CTPIO sends Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 71/80] net/sfc/base: run genfwdef to update headers Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 72/80] net/sfc/base: add CTPIO statistics Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 73/80] net/sfc/base: add bit to indicate CTPIO availability Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 74/80] net/sfc/base: regenerate headers to pick up CTPIO stats Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 75/80] net/sfc/base: support " Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 76/80] net/sfc/base: add encapsulated TSOv2 capability Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 77/80] net/sfc/base: add outer IP ID parameter to TSOv2 descriptor Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 78/80] net/sfc/base: add firmware image layout option Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 79/80] net/sfc/base: add signed image layout support Andrew Rybchenko
2018-02-20 7:34 ` [dpdk-dev] [PATCH 80/80] net/sfc/base: sync MCDI headers and TLV layout Andrew Rybchenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1519112078-20113-44-git-send-email-arybchenko@solarflare.com \
--to=arybchenko@solarflare.com \
--cc=dev@dpdk.org \
--cc=rhouldsworth@solarflare.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).