* [PATCH] event/octeontx: resolve possible integer overflow
@ 2024-10-18 7:59 Hanumanth Pothula
0 siblings, 0 replies; only message in thread
From: Hanumanth Pothula @ 2024-10-18 7:59 UTC (permalink / raw)
To: Jerin Jacob; +Cc: dev, hkalra, hpothula
The last argument passed to ssovf_parsekv() is an
unsigned char*, but it is accessed as an integer.
This can lead to an integer overflow.
Hence, make ensure the argument is accessed as a char
and for better error handling use strtol instead of atoi.
Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
---
drivers/event/octeontx/ssovf_evdev.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
index 3a933b1db7..ccb447d33a 100644
--- a/drivers/event/octeontx/ssovf_evdev.c
+++ b/drivers/event/octeontx/ssovf_evdev.c
@@ -719,8 +719,16 @@ ssovf_close(struct rte_eventdev *dev)
static int
ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
{
- int *flag = opaque;
- *flag = !!atoi(value);
+ uint8_t *flag = (uint8_t *)opaque;
+ char *end;
+
+ errno = 0;
+ *flag = (uint8_t)strtol(value, &end, 2);
+ if ((errno != 0) || (value == end)) {
+ ssovf_log_err("fail to get key val ret:%d err:%d", *flag, errno);
+ return -EINVAL;
+ }
+
return 0;
}
--
2.25.1
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2024-10-18 7:59 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2024-10-18 7:59 [PATCH] event/octeontx: resolve possible integer overflow Hanumanth Pothula
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).