From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail.droids-corp.org (zoll.droids-corp.org [94.23.50.67]) by dpdk.org (Postfix) with ESMTP id 583A2293B for ; Thu, 23 Aug 2018 09:39:48 +0200 (CEST) Received: from rsa59-2-82-233-193-189.fbx.proxad.net ([82.233.193.189] helo=droids-corp.org) by mail.droids-corp.org with esmtpsa (TLS1.0:RSA_AES_256_CBC_SHA1:256) (Exim 4.89) (envelope-from ) id 1fskEP-0002Vj-9B; Thu, 23 Aug 2018 09:40:38 +0200 Received: by droids-corp.org (sSMTP sendmail emulation); Thu, 23 Aug 2018 09:39:42 +0200 Date: Thu, 23 Aug 2018 09:39:42 +0200 From: Olivier Matz To: David Marchand Cc: dev@dpdk.org, Thomas Monjalon , Ferruh Yigit , Andrew Rybchenko Message-ID: <20180823073942.qnyk3jwqecm6wk3v@platinum> References: <1534176226-21911-1-git-send-email-david.marchand@6wind.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1534176226-21911-1-git-send-email-david.marchand@6wind.com> User-Agent: NeoMutt/20170113 (1.7.2) Subject: Re: [dpdk-dev] [RFC 1/2] mbuf: add a sanity check on segment metadata X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 23 Aug 2018 07:39:48 -0000 Hi David, On Mon, Aug 13, 2018 at 06:03:45PM +0200, David Marchand wrote: > Add some basic check on the segments offset and length metadata: > always funny to have a < 0 tailroom cast to uint16_t ;-). > > Signed-off-by: David Marchand > --- > lib/librte_mbuf/rte_mbuf.c | 2 ++ > 1 file changed, 2 insertions(+) > > diff --git a/lib/librte_mbuf/rte_mbuf.c b/lib/librte_mbuf/rte_mbuf.c > index e714c5a..7eeef12 100644 > --- a/lib/librte_mbuf/rte_mbuf.c > +++ b/lib/librte_mbuf/rte_mbuf.c > @@ -200,6 +200,8 @@ rte_mbuf_sanity_check(const struct rte_mbuf *m, int is_header) > pkt_len = m->pkt_len; > > do { > + if (m->data_off + m->data_len > m->buf_len) > + rte_panic("bad segment metadata\n"); What about spliting the test into two? This would help to clarify the error messages. I also suggest add casts to uint32 to ensure that there is no overflow. if (m->data_off_len > m->buf_len) rte_panic("data offset too big in mbuf segment\n"); if ((uint32_t)m->data_off + (uint32_t)m->data_len > (uint32_t)m->buf_len) rte_panic("data length too big in mbuf segment\n");