[PATCH] app/dumpcap:fix coredump problem because pcap_dump 3th argument is null

[PATCH] app/dumpcap:fix coredump problem because pcap_dump 3th argument is null

[Tianli Lai]

if rte_pktmbuf_read() return NULL, pcap_dump() would coredump.

Signed-off-by: Tianli Lai <laitianli@tom.com>
---
 app/dumpcap/main.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/app/dumpcap/main.c b/app/dumpcap/main.c
index d57db0589a..c941fb92bf 100644
--- a/app/dumpcap/main.c
+++ b/app/dumpcap/main.c
@@ -878,6 +878,7 @@ pcap_write_packets(pcap_dumper_t *dumper,
 	struct pcap_pkthdr header;
 	uint16_t i;
 	size_t total = 0;
+	const void *data;
 
 	gettimeofday(&header.ts, NULL);
 
@@ -886,9 +887,12 @@ pcap_write_packets(pcap_dumper_t *dumper,
 
 		header.len = rte_pktmbuf_pkt_len(m);
 		header.caplen = RTE_MIN(header.len, sizeof(temp_data));
-
-		pcap_dump((u_char *)dumper, &header,
-			  rte_pktmbuf_read(m, 0, header.caplen, temp_data));
+		data = rte_pktmbuf_read(m, 0, header.caplen, temp_data);
+		if (!data) {
+			rte_pktmbuf_free(m);
+			continue;
+		}
+		pcap_dump((u_char *)dumper, &header, data);
 
 		total += sizeof(header) + header.len;
 	}
-- 
2.27.0

Re: [PATCH] app/dumpcap:fix coredump problem because pcap_dump 3th argument is null

[Stephen Hemminger]

On Fri,  1 Mar 2024 18:41:29 +0800
Tianli Lai <laitianli@tom.com> wrote:

> if rte_pktmbuf_read() return NULL, pcap_dump() would coredump.
> 
> Signed-off-by: Tianli Lai <laitianli@tom.com>

Ok, but how is this possible.
	header.caplen will be min of (pktlen, 2048)

So in rte_pktmbuf_read()
	if (likely (0 + pktlen <= rte_pktmbuf_data_len(m))
		return rte_pktmbuf_mtod_offset(m, char *, 0);

Maybe the packet is really big and the packet is multi-segment.
But in that case the code rte_pktmbuf_read should do the consoliation.
Are you sure driver is not generating weird packets?