From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124]) by inbox.dpdk.org (Postfix) with ESMTP id 5909AA034F; Mon, 7 Feb 2022 07:13:22 +0100 (CET) Received: from [217.70.189.124] (localhost [127.0.0.1]) by mails.dpdk.org (Postfix) with ESMTP id E5DC740685; Mon, 7 Feb 2022 07:13:21 +0100 (CET) Received: from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com [67.231.156.173]) by mails.dpdk.org (Postfix) with ESMTP id DA8B54067C; Mon, 7 Feb 2022 07:13:20 +0100 (CET) Received: from pps.filterd (m0045851.ppops.net [127.0.0.1]) by mx0b-0016f401.pphosted.com (8.16.1.2/8.16.1.2) with ESMTP id 216MZGkN021772; Sun, 6 Feb 2022 22:13:19 -0800 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=from : to : cc : subject : date : message-id : mime-version : content-type : content-transfer-encoding; s=pfpt0220; bh=+cNp7hMis/AbczR358aaSJumbihpgNw6n4sCqtkTrDM=; b=MYozfYzazwtUke4rk7EM7lG2BlEdPF8LGMqScArEShkMvji0WJ32oyPETP8hKcLFM18v /9m2eAXlE7UOEZJ4atXXSp7PgvV1J6ue19fpH5b5vGqrZfwPrdUFmKlBgoMQgMpS0ecV GkKr6KHpk7HwB+EnlOvmYvGK4jvtNBN9GhCWgLHcgf30GHB+Gp5HcZAXXr7VO8CiC2lb T3tiTb6RCaP519Yc6KdmMwbQmkdYHj00dxp5yTgtVyAooSqMOuHuO7MqRYmOVYEj1tti qZB9cuPjlVo07MxPjC//e0/e0MEhFRJqgNuyk2z4q3GC4NiTjjWdDHxE4943UpCyqk1D Bg== Received: from dc5-exch01.marvell.com ([199.233.59.181]) by mx0b-0016f401.pphosted.com (PPS) with ESMTPS id 3e1smr4ehk-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Sun, 06 Feb 2022 22:13:19 -0800 Received: from DC5-EXCH02.marvell.com (10.69.176.39) by DC5-EXCH01.marvell.com (10.69.176.38) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Sun, 6 Feb 2022 22:13:16 -0800 Received: from maili.marvell.com (10.69.176.80) by DC5-EXCH02.marvell.com (10.69.176.39) with Microsoft SMTP Server id 15.0.1497.18 via Frontend Transport; Sun, 6 Feb 2022 22:13:16 -0800 Received: from hyd1349.t110.caveonetworks.com.com (unknown [10.29.45.13]) by maili.marvell.com (Postfix) with ESMTP id 37D193F7076; Sun, 6 Feb 2022 22:13:13 -0800 (PST) From: Ankur Dwivedi To: CC: , , , , , Ankur Dwivedi , Subject: [PATCH] common/cnxk: validate length argument Date: Mon, 7 Feb 2022 11:42:46 +0530 Message-ID: <20220207061246.4209-1-adwivedi@marvell.com> X-Mailer: git-send-email 2.28.0 MIME-Version: 1.0 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: 8bit X-Proofpoint-GUID: 8q1jRiiGJYubCl4dQlM81kbyaSQJwiEI X-Proofpoint-ORIG-GUID: 8q1jRiiGJYubCl4dQlM81kbyaSQJwiEI X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.205,Aquarius:18.0.816,Hydra:6.0.425,FMLib:17.11.62.513 definitions=2022-02-07_02,2022-02-03_01,2021-12-02_01 X-BeenThere: dev@dpdk.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: DPDK patches and discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: dev-bounces@dpdk.org The x->len is passed as argument to npc_prep_mcam_ldata(). In the function the len is used to reference elements of int_info and int_info_mask array. The arrays are of length NPC_MAX_EXTRACT_DATA_LEN. Validating the x->len value so that it is not greater than NPC_MAX_EXTRACT_DATA_LEN. This patch also resolves warning observed with gcc 12 compiler. log: ../drivers/common/cnxk/roc_npc_utils.c:13:26: warning: writing 16 bytes into a region of size 0 [-Wstringop-overflow=] ptr[idx] = data[len - 1 - idx]; ../drivers/common/cnxk/roc_npc_utils.c:163:17: note: at offset 64 into destination object ‘int_info’ of size 64 uint8_t int_info[NPC_MAX_EXTRACT_DATA_LEN]; Bugzilla ID: 854 Fixes: 665b6a7400bf ("common/cnxk: add NPC helper API") Cc: stable@dpdk.org Signed-off-by: Ankur Dwivedi Reviewed-by: Kiran Kumar Kokkilagadda --- drivers/common/cnxk/roc_npc_utils.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/drivers/common/cnxk/roc_npc_utils.c b/drivers/common/cnxk/roc_npc_utils.c index ed0ef5c462..007c454c3c 100644 --- a/drivers/common/cnxk/roc_npc_utils.c +++ b/drivers/common/cnxk/roc_npc_utils.c @@ -166,6 +166,9 @@ npc_update_extraction_data(struct npc_parse_state *pst, int len = 0; x = xinfo; + if (x->len > NPC_MAX_EXTRACT_DATA_LEN) + return NPC_ERR_INVALID_SIZE; + len = x->len; hdr_off = x->hdr_off; -- 2.28.0