From: Stephen Hemminger <stephen@networkplumber.org>
To: Hanumanth Pothula <hpothula@marvell.com>
Cc: Jerin Jacob <jerinj@marvell.com>, <dev@dpdk.org>, <hkalra@marvell.com>
Subject: Re: [PATCH] event/octeontx: resolve possible integer overflow
Date: Fri, 18 Oct 2024 10:35:51 -0700 [thread overview]
Message-ID: <20241018103551.2563fcfa@hermes.local> (raw)
In-Reply-To: <20241018075903.53757-1-hpothula@marvell.com>
On Fri, 18 Oct 2024 13:29:03 +0530
Hanumanth Pothula <hpothula@marvell.com> wrote:
> The last argument passed to ssovf_parsekv() is an
> unsigned char*, but it is accessed as an integer.
> This can lead to an integer overflow.
>
> Hence, make ensure the argument is accessed as a char
> and for better error handling use strtol instead of atoi.
>
> Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
> ---
> drivers/event/octeontx/ssovf_evdev.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
> index 3a933b1db7..ccb447d33a 100644
> --- a/drivers/event/octeontx/ssovf_evdev.c
> +++ b/drivers/event/octeontx/ssovf_evdev.c
> @@ -719,8 +719,16 @@ ssovf_close(struct rte_eventdev *dev)
> static int
> ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
> {
> - int *flag = opaque;
> - *flag = !!atoi(value);
> + uint8_t *flag = (uint8_t *)opaque;
> + char *end;
> +
> + errno = 0;
> + *flag = (uint8_t)strtol(value, &end, 2);
> + if ((errno != 0) || (value == end)) {
> + ssovf_log_err("fail to get key val ret:%d err:%d", *flag, errno);
> + return -EINVAL;
> + }
> +
> return 0;
> }
Cast of opaque is unnecessary in C.
Use strtoul to avoid allowing negative numbers.
Passing 2 as argument makes it assume binary so 101 is legal value and returns 5
and it is not helping.
Why not:
diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
index 3a933b1db7..9804f5bc59 100644
--- a/drivers/event/octeontx/ssovf_evdev.c
+++ b/drivers/event/octeontx/ssovf_evdev.c
@@ -717,10 +717,20 @@ ssovf_close(struct rte_eventdev *dev)
}
static int
-ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
+ssovf_parsekv(const char *key, const char *value, void *opaque)
{
- int *flag = opaque;
- *flag = !!atoi(value);
+ uint8_t *flag = opaque;
+ unsigned long v;
+ char *end;
+
+ errno = 0;
+ v = strtoul(value, &end, 0);
+ if (errno != 0 || end == value || *end != '\0') {
+ ssvf_log_err("invalid %s value %s", key, value);
+ return -EINVAL;
+ }
+
+ *flag = !!v;
return 0;
}
prev parent reply other threads:[~2024-10-18 17:35 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-10-18 7:59 Hanumanth Pothula
2024-10-18 16:36 ` [EXTERNAL] " Pavan Nikhilesh Bhagavatula
2024-10-18 17:35 ` Stephen Hemminger [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241018103551.2563fcfa@hermes.local \
--to=stephen@networkplumber.org \
--cc=dev@dpdk.org \
--cc=hkalra@marvell.com \
--cc=hpothula@marvell.com \
--cc=jerinj@marvell.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).