Re: [PATCH] app/dumpcap:fix coredump problem because pcap_dump 3th argument is null

Re: [PATCH] app/dumpcap:fix coredump problem because pcap_dump 3th argument is null

[Stephen Hemminger]

On Fri,  1 Mar 2024 18:41:29 +0800
Tianli Lai <laitianli@tom.com> wrote:

> if rte_pktmbuf_read() return NULL, pcap_dump() would coredump.
> 
> Signed-off-by: Tianli Lai <laitianli@tom.com>

Ok, but how is this possible.
	header.caplen will be min of (pktlen, 2048)

So in rte_pktmbuf_read()
	if (likely (0 + pktlen <= rte_pktmbuf_data_len(m))
		return rte_pktmbuf_mtod_offset(m, char *, 0);

Maybe the packet is really big and the packet is multi-segment.
But in that case the code rte_pktmbuf_read should do the consoliation.
Are you sure driver is not generating weird packets?

[PATCH] app/dumpcap:fix coredump problem because pcap_dump 3th argument is null

[Tianli Lai]

if rte_pktmbuf_read() return NULL, pcap_dump() would coredump.

Signed-off-by: Tianli Lai <laitianli@tom.com>
---
 app/dumpcap/main.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/app/dumpcap/main.c b/app/dumpcap/main.c
index d57db0589a..c941fb92bf 100644
--- a/app/dumpcap/main.c
+++ b/app/dumpcap/main.c
@@ -878,6 +878,7 @@ pcap_write_packets(pcap_dumper_t *dumper,
 	struct pcap_pkthdr header;
 	uint16_t i;
 	size_t total = 0;
+	const void *data;
 
 	gettimeofday(&header.ts, NULL);
 
@@ -886,9 +887,12 @@ pcap_write_packets(pcap_dumper_t *dumper,
 
 		header.len = rte_pktmbuf_pkt_len(m);
 		header.caplen = RTE_MIN(header.len, sizeof(temp_data));
-
-		pcap_dump((u_char *)dumper, &header,
-			  rte_pktmbuf_read(m, 0, header.caplen, temp_data));
+		data = rte_pktmbuf_read(m, 0, header.caplen, temp_data);
+		if (!data) {
+			rte_pktmbuf_free(m);
+			continue;
+		}
+		pcap_dump((u_char *)dumper, &header, data);
 
 		total += sizeof(header) + header.len;
 	}
-- 
2.27.0

[PATCH] app/dumpcap: fix handling of jumbo frames

[Stephen Hemminger]

If dumpcap (in legacy pcap mode) tried to handle a large segmented
frame it would core dump because rte_pktmbuf_read() would return NULL.
Fix by using same logic as in pcap PMD.

Fixes: cbb44143be74 ("app/dumpcap: add new packet capture application")
Reported-by: Tianli Lai <laitianli@tom.com>
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---

 app/dumpcap/main.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/app/dumpcap/main.c b/app/dumpcap/main.c
index 6feb8f5672..fcfaa19951 100644
--- a/app/dumpcap/main.c
+++ b/app/dumpcap/main.c
@@ -902,7 +902,7 @@ static ssize_t
 pcap_write_packets(pcap_dumper_t *dumper,
 		   struct rte_mbuf *pkts[], uint16_t n)
 {
-	uint8_t temp_data[RTE_MBUF_DEFAULT_BUF_SIZE];
+	uint8_t temp_data[RTE_ETHER_MAX_JUMBO_FRAME_LEN];
 	struct pcap_pkthdr header;
 	uint16_t i;
 	size_t total = 0;
@@ -911,14 +911,19 @@ pcap_write_packets(pcap_dumper_t *dumper,
 
 	for (i = 0; i < n; i++) {
 		struct rte_mbuf *m = pkts[i];
+		size_t len, caplen;
 
-		header.len = rte_pktmbuf_pkt_len(m);
-		header.caplen = RTE_MIN(header.len, sizeof(temp_data));
+		len = caplen = rte_pktmbuf_pkt_len(m);
+		if (unlikely(!rte_pktmbuf_is_contiguous(m) && len > sizeof(temp_data)))
+			caplen = sizeof(temp_data);
+
+		header.len = len;
+		header.caplen = caplen;
 
 		pcap_dump((u_char *)dumper, &header,
-			  rte_pktmbuf_read(m, 0, header.caplen, temp_data));
+			  rte_pktmbuf_read(m, 0, caplen, temp_data));
 
-		total += sizeof(header) + header.len;
+		total += sizeof(header) + caplen;
 	}
 
 	return total;
-- 
2.45.2

Re: [PATCH] app/dumpcap: fix handling of jumbo frames

[David Marchand]

On Fri, Oct 4, 2024 at 12:11 AM Stephen Hemminger
<stephen@networkplumber.org> wrote:
>
> If dumpcap (in legacy pcap mode) tried to handle a large segmented
> frame it would core dump because rte_pktmbuf_read() would return NULL.
> Fix by using same logic as in pcap PMD.
>
> Fixes: cbb44143be74 ("app/dumpcap: add new packet capture application")
Cc: stable@dpdk.org

> Reported-by: Tianli Lai <laitianli@tom.com>
> Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>

Applied, thanks.


-- 
David Marchand

Re: [PATCH] app/dumpcap:fix coredump problem because pcap_dump 3th argument is null

[Stephen Hemminger]

On Fri,  1 Mar 2024 18:41:29 +0800
Tianli Lai <laitianli@tom.com> wrote:

> if rte_pktmbuf_read() return NULL, pcap_dump() would coredump.
> 
> Signed-off-by: Tianli Lai <laitianli@tom.com>

To safely handle jumbo packets, the code here should increase
the size of temp_data, then the RTE_MIN() is not needed either.

See drivers/net/pcap/pcap_ethdev.c

	for (i = 0; i < nb_pkts; i++) {
		mbuf = bufs[i];
		len = caplen = rte_pktmbuf_pkt_len(mbuf);
		if (unlikely(!rte_pktmbuf_is_contiguous(mbuf) &&
				len > sizeof(temp_data))) {
			caplen = sizeof(temp_data);
		}

		calculate_timestamp(&header.ts);
		header.len = len;
		header.caplen = caplen;
		/* rte_pktmbuf_read() returns a pointer to the data directly
		 * in the mbuf (when the mbuf is contiguous) or, otherwise,
		 * a pointer to temp_data after copying into it.
		 */
		pcap_dump((u_char *)dumper, &header,
			rte_pktmbuf_read(mbuf, 0, caplen, temp_data));