* RE: [EXTERNAL] [PATCH] event/octeontx: resolve possible integer overflow
2024-10-18 7:59 [PATCH] event/octeontx: resolve possible integer overflow Hanumanth Pothula
@ 2024-10-18 16:36 ` Pavan Nikhilesh Bhagavatula
2024-10-18 17:35 ` Stephen Hemminger
2024-10-23 7:15 ` [PATCH v2 1/1] " Hanumanth Pothula
2 siblings, 0 replies; 11+ messages in thread
From: Pavan Nikhilesh Bhagavatula @ 2024-10-18 16:36 UTC (permalink / raw)
To: Hanumanth Reddy Pothula, Jerin Jacob
Cc: dev, Harman Kalra, Hanumanth Reddy Pothula
> The last argument passed to ssovf_parsekv() is an
> unsigned char*, but it is accessed as an integer.
> This can lead to an integer overflow.
>
> Hence, make ensure the argument is accessed as a char
> and for better error handling use strtol instead of atoi.
>
> Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
Acked-by: Pavan Nikhilesh <pbhagavatula@marvell.com>
> ---
> drivers/event/octeontx/ssovf_evdev.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/event/octeontx/ssovf_evdev.c
> b/drivers/event/octeontx/ssovf_evdev.c
> index 3a933b1db7..ccb447d33a 100644
> --- a/drivers/event/octeontx/ssovf_evdev.c
> +++ b/drivers/event/octeontx/ssovf_evdev.c
> @@ -719,8 +719,16 @@ ssovf_close(struct rte_eventdev *dev)
> static int
> ssovf_parsekv(const char *key __rte_unused, const char *value, void
> *opaque)
> {
> - int *flag = opaque;
> - *flag = !!atoi(value);
> + uint8_t *flag = (uint8_t *)opaque;
> + char *end;
> +
> + errno = 0;
> + *flag = (uint8_t)strtol(value, &end, 2);
> + if ((errno != 0) || (value == end)) {
> + ssovf_log_err("fail to get key val ret:%d err:%d", *flag, errno);
> + return -EINVAL;
> + }
> +
> return 0;
> }
>
> --
> 2.25.1
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH] event/octeontx: resolve possible integer overflow
2024-10-18 7:59 [PATCH] event/octeontx: resolve possible integer overflow Hanumanth Pothula
2024-10-18 16:36 ` [EXTERNAL] " Pavan Nikhilesh Bhagavatula
@ 2024-10-18 17:35 ` Stephen Hemminger
2024-10-23 7:15 ` [PATCH v2 1/1] " Hanumanth Pothula
2 siblings, 0 replies; 11+ messages in thread
From: Stephen Hemminger @ 2024-10-18 17:35 UTC (permalink / raw)
To: Hanumanth Pothula; +Cc: Jerin Jacob, dev, hkalra
On Fri, 18 Oct 2024 13:29:03 +0530
Hanumanth Pothula <hpothula@marvell.com> wrote:
> The last argument passed to ssovf_parsekv() is an
> unsigned char*, but it is accessed as an integer.
> This can lead to an integer overflow.
>
> Hence, make ensure the argument is accessed as a char
> and for better error handling use strtol instead of atoi.
>
> Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
> ---
> drivers/event/octeontx/ssovf_evdev.c | 12 ++++++++++--
> 1 file changed, 10 insertions(+), 2 deletions(-)
>
> diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
> index 3a933b1db7..ccb447d33a 100644
> --- a/drivers/event/octeontx/ssovf_evdev.c
> +++ b/drivers/event/octeontx/ssovf_evdev.c
> @@ -719,8 +719,16 @@ ssovf_close(struct rte_eventdev *dev)
> static int
> ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
> {
> - int *flag = opaque;
> - *flag = !!atoi(value);
> + uint8_t *flag = (uint8_t *)opaque;
> + char *end;
> +
> + errno = 0;
> + *flag = (uint8_t)strtol(value, &end, 2);
> + if ((errno != 0) || (value == end)) {
> + ssovf_log_err("fail to get key val ret:%d err:%d", *flag, errno);
> + return -EINVAL;
> + }
> +
> return 0;
> }
Cast of opaque is unnecessary in C.
Use strtoul to avoid allowing negative numbers.
Passing 2 as argument makes it assume binary so 101 is legal value and returns 5
and it is not helping.
Why not:
diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
index 3a933b1db7..9804f5bc59 100644
--- a/drivers/event/octeontx/ssovf_evdev.c
+++ b/drivers/event/octeontx/ssovf_evdev.c
@@ -717,10 +717,20 @@ ssovf_close(struct rte_eventdev *dev)
}
static int
-ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
+ssovf_parsekv(const char *key, const char *value, void *opaque)
{
- int *flag = opaque;
- *flag = !!atoi(value);
+ uint8_t *flag = opaque;
+ unsigned long v;
+ char *end;
+
+ errno = 0;
+ v = strtoul(value, &end, 0);
+ if (errno != 0 || end == value || *end != '\0') {
+ ssvf_log_err("invalid %s value %s", key, value);
+ return -EINVAL;
+ }
+
+ *flag = !!v;
return 0;
}
^ permalink raw reply [flat|nested] 11+ messages in thread
* [PATCH v2 1/1] event/octeontx: resolve possible integer overflow
2024-10-18 7:59 [PATCH] event/octeontx: resolve possible integer overflow Hanumanth Pothula
2024-10-18 16:36 ` [EXTERNAL] " Pavan Nikhilesh Bhagavatula
2024-10-18 17:35 ` Stephen Hemminger
@ 2024-10-23 7:15 ` Hanumanth Pothula
2024-10-23 16:16 ` Stephen Hemminger
2024-10-24 3:55 ` [PATCH v3 " Hanumanth Pothula
2 siblings, 2 replies; 11+ messages in thread
From: Hanumanth Pothula @ 2024-10-23 7:15 UTC (permalink / raw)
To: Jerin Jacob; +Cc: dev, hkalra, stephen, hpothula
The last argument passed to ssovf_parsekv() is an
unsigned char*, but it is accessed as an integer.
This can lead to an integer overflow.
Hence, make ensure the argument is accessed as a char
and for better error handling use strtol instead of atoi.
Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
---
v2: use strtoul instead of strtol
---
drivers/event/octeontx/ssovf_evdev.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
index 3a933b1db7..d2ab8011e1 100644
--- a/drivers/event/octeontx/ssovf_evdev.c
+++ b/drivers/event/octeontx/ssovf_evdev.c
@@ -717,10 +717,20 @@ ssovf_close(struct rte_eventdev *dev)
}
static int
-ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
+ssovf_parsekv(const char *key, const char *value, void *opaque)
{
- int *flag = opaque;
- *flag = !!atoi(value);
+ uint8_t *flag = opaque;
+ uint64_t v;
+ char *end;
+
+ errno = 0;
+ v = (uint8_t)strtoul(value, &end, 0);
+ if ((errno != 0) || (value == end) || *end != '\0') {
+ ssovf_log_err("invalid %s value %s", key, value);
+ return -EINVAL;
+ }
+
+ *flag = !!v;
return 0;
}
--
2.25.1
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH v2 1/1] event/octeontx: resolve possible integer overflow
2024-10-23 7:15 ` [PATCH v2 1/1] " Hanumanth Pothula
@ 2024-10-23 16:16 ` Stephen Hemminger
2024-10-23 20:29 ` [EXTERNAL] " Hanumanth Reddy Pothula
2024-10-24 3:55 ` [PATCH v3 " Hanumanth Pothula
1 sibling, 1 reply; 11+ messages in thread
From: Stephen Hemminger @ 2024-10-23 16:16 UTC (permalink / raw)
To: Hanumanth Pothula; +Cc: Jerin Jacob, dev, hkalra
On Wed, 23 Oct 2024 12:45:46 +0530
Hanumanth Pothula <hpothula@marvell.com> wrote:
> static int
> -ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
> +ssovf_parsekv(const char *key, const char *value, void *opaque)
> {
> - int *flag = opaque;
> - *flag = !!atoi(value);
> + uint8_t *flag = opaque;
> + uint64_t v;
> + char *end;
> +
> + errno = 0;
> + v = (uint8_t)strtoul(value, &end, 0);
Cast will cause truncation of large values.
Maybe:
v = strtoul(value, &end, 0);
if (errno != 0 || value == end || *end != '\0' || v > UINT8_MAX) {
...
> + if ((errno != 0) || (value == end) || *end != '\0') {
> + ssovf_log_err("invalid %s value %s", key, value);
> + return -EINVAL;
> + }
> +
> + *flag = !!v;
> return 0;
> }
^ permalink raw reply [flat|nested] 11+ messages in thread
* RE: [EXTERNAL] Re: [PATCH v2 1/1] event/octeontx: resolve possible integer overflow
2024-10-23 16:16 ` Stephen Hemminger
@ 2024-10-23 20:29 ` Hanumanth Reddy Pothula
0 siblings, 0 replies; 11+ messages in thread
From: Hanumanth Reddy Pothula @ 2024-10-23 20:29 UTC (permalink / raw)
To: Stephen Hemminger; +Cc: Jerin Jacob, dev, Harman Kalra
[-- Attachment #1: Type: text/plain, Size: 1729 bytes --]
From: Stephen Hemminger <stephen@networkplumber.org>
Sent: Wednesday, October 23, 2024 9:46 PM
To: Hanumanth Reddy Pothula <hpothula@marvell.com>
Cc: Jerin Jacob <jerinj@marvell.com>; dev@dpdk.org; Harman Kalra <hkalra@marvell.com>
Subject: [EXTERNAL] Re: [PATCH v2 1/1] event/octeontx: resolve possible integer overflow
On Wed, 23 Oct 2024 12: 45: 46 +0530 Hanumanth Pothula <hpothula@ marvell. com> wrote: > static int > -ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque) > +ssovf_parsekv(const char *key, const char *value,
On Wed, 23 Oct 2024 12:45:46 +0530
Hanumanth Pothula <hpothula@marvell.com<mailto:hpothula@marvell.com>> wrote:
> static int
> -ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
> +ssovf_parsekv(const char *key, const char *value, void *opaque)
> {
> - int *flag = opaque;
> - *flag = !!atoi(value);
> + uint8_t *flag = opaque;
> + uint64_t v;
> + char *end;
> +
> + errno = 0;
> + v = (uint8_t)strtoul(value, &end, 0);
Cast will cause truncation of large values.
Maybe:
v = strtoul(value, &end, 0);
if (errno != 0 || value == end || *end != '\0' || v > UINT8_MAX) {
...
Thanks for the review/comment.
Here, the value can only be ‘0’ or ‘1’, so truncation won’t be an issue.
> + if ((errno != 0) || (value == end) || *end != '\0') {
> + ssovf_log_err("invalid %s value %s", key, value);
> + return -EINVAL;
> + }
> +
> + *flag = !!v;
> return 0;
> }
[-- Attachment #2: Type: text/html, Size: 8897 bytes --]
^ permalink raw reply [flat|nested] 11+ messages in thread
* [PATCH v3 1/1] event/octeontx: resolve possible integer overflow
2024-10-23 7:15 ` [PATCH v2 1/1] " Hanumanth Pothula
2024-10-23 16:16 ` Stephen Hemminger
@ 2024-10-24 3:55 ` Hanumanth Pothula
2024-10-24 7:57 ` Ali Alnubani
2024-10-25 10:58 ` [PATCH v4 1/1] event/octeontx: fix " Hanumanth Pothula
1 sibling, 2 replies; 11+ messages in thread
From: Hanumanth Pothula @ 2024-10-24 3:55 UTC (permalink / raw)
To: Jerin Jacob; +Cc: dev, hkalra, stephen, hpothula
The last argument passed to ssovf_parsekv() is an
unsigned char*, but it is accessed as an integer.
This can lead to an integer overflow.
Hence, make ensure the argument is accessed as a char
and for better error handling use strtol instead of atoi.
Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
---
v2: use strtoul instead of strtol
v3: Add value boundry check. Here, value can be either 0 or 1.
---
drivers/event/octeontx/ssovf_evdev.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
index 3a933b1db7..957fcab04e 100644
--- a/drivers/event/octeontx/ssovf_evdev.c
+++ b/drivers/event/octeontx/ssovf_evdev.c
@@ -717,10 +717,20 @@ ssovf_close(struct rte_eventdev *dev)
}
static int
-ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
+ssovf_parsekv(const char *key, const char *value, void *opaque)
{
- int *flag = opaque;
- *flag = !!atoi(value);
+ uint8_t *flag = opaque;
+ uint64_t v;
+ char *end;
+
+ errno = 0;
+ v = strtoul(value, &end, 0);
+ if ((errno != 0) || (value == end) || *end != '\0' || v > 1) {
+ ssovf_log_err("invalid %s value %s", key, value);
+ return -EINVAL;
+ }
+
+ *flag = !!v;
return 0;
}
--
2.25.1
^ permalink raw reply [flat|nested] 11+ messages in thread
* RE: [PATCH v3 1/1] event/octeontx: resolve possible integer overflow
2024-10-24 3:55 ` [PATCH v3 " Hanumanth Pothula
@ 2024-10-24 7:57 ` Ali Alnubani
2024-10-25 10:27 ` Jerin Jacob
2024-10-25 10:58 ` [PATCH v4 1/1] event/octeontx: fix " Hanumanth Pothula
1 sibling, 1 reply; 11+ messages in thread
From: Ali Alnubani @ 2024-10-24 7:57 UTC (permalink / raw)
To: Hanumanth Pothula, Jerin Jacob; +Cc: dev, hkalra, stephen
> -----Original Message-----
> From: Hanumanth Pothula <hpothula@marvell.com>
> Sent: Thursday, October 24, 2024 6:55 AM
> To: Jerin Jacob <jerinj@marvell.com>
> Cc: dev@dpdk.org; hkalra@marvell.com; stephen@networkplumber.org;
> hpothula@marvell.com
> Subject: [PATCH v3 1/1] event/octeontx: resolve possible integer overflow
>
> The last argument passed to ssovf_parsekv() is an
> unsigned char*, but it is accessed as an integer.
> This can lead to an integer overflow.
>
> Hence, make ensure the argument is accessed as a char
> and for better error handling use strtol instead of atoi.
>
> Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
> ---
>
> v2: use strtoul instead of strtol
> v3: Add value boundry check. Here, value can be either 0 or 1.
> ---
Confirmed that it resolves https://bugs.dpdk.org/show_bug.cgi?id=1512.
Tested-by: Ali Alnubani <alialnu@nvidia.com>
Thanks,
Ali
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH v3 1/1] event/octeontx: resolve possible integer overflow
2024-10-24 7:57 ` Ali Alnubani
@ 2024-10-25 10:27 ` Jerin Jacob
0 siblings, 0 replies; 11+ messages in thread
From: Jerin Jacob @ 2024-10-25 10:27 UTC (permalink / raw)
To: Ali Alnubani; +Cc: Hanumanth Pothula, Jerin Jacob, dev, hkalra, stephen
On Thu, Oct 24, 2024 at 1:27 PM Ali Alnubani <alialnu@nvidia.com> wrote:
>
> > -----Original Message-----
> > From: Hanumanth Pothula <hpothula@marvell.com>
> > Sent: Thursday, October 24, 2024 6:55 AM
> > To: Jerin Jacob <jerinj@marvell.com>
> > Cc: dev@dpdk.org; hkalra@marvell.com; stephen@networkplumber.org;
> > hpothula@marvell.com
> > Subject: [PATCH v3 1/1] event/octeontx: resolve possible integer overflow
> >
> > The last argument passed to ssovf_parsekv() is an
> > unsigned char*, but it is accessed as an integer.
> > This can lead to an integer overflow.
> >
> > Hence, make ensure the argument is accessed as a char
> > and for better error handling use strtol instead of atoi.
> >
Add
Bugzilla ID: 1512
And add Fixes: tag
please start the git commit subject with event/octeontx: fix ...
Good to merge next version
> > Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
> > ---
> >
> > v2: use strtoul instead of strtol
> > v3: Add value boundry check. Here, value can be either 0 or 1.
> > ---
>
> Confirmed that it resolves https://bugs.dpdk.org/show_bug.cgi?id=1512.
>
> Tested-by: Ali Alnubani <alialnu@nvidia.com>
>
> Thanks,
> Ali
^ permalink raw reply [flat|nested] 11+ messages in thread
* [PATCH v4 1/1] event/octeontx: fix possible integer overflow
2024-10-24 3:55 ` [PATCH v3 " Hanumanth Pothula
2024-10-24 7:57 ` Ali Alnubani
@ 2024-10-25 10:58 ` Hanumanth Pothula
2024-10-28 15:31 ` Jerin Jacob
1 sibling, 1 reply; 11+ messages in thread
From: Hanumanth Pothula @ 2024-10-25 10:58 UTC (permalink / raw)
To: Jerin Jacob, Pavan Nikhilesh; +Cc: dev, hkalra, stephen, hpothula
The last argument passed to ssovf_parsekv() is an
unsigned char*, but it is accessed as an integer.
This can lead to an integer overflow.
Hence, make ensure the argument is accessed as a char
and for better error handling use strtol instead of atoi.
Bugzilla ID: 1512
Fixes: 3516327e00fd ("event/octeontx: add selftest to device arguments")
Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
---
v2: Use strtoul instead of strtol
v3: Add value boundry check. Here, value can be either 0 or 1.
v4: Commit text update
---
drivers/event/octeontx/ssovf_evdev.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
index 3a933b1db7..957fcab04e 100644
--- a/drivers/event/octeontx/ssovf_evdev.c
+++ b/drivers/event/octeontx/ssovf_evdev.c
@@ -717,10 +717,20 @@ ssovf_close(struct rte_eventdev *dev)
}
static int
-ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
+ssovf_parsekv(const char *key, const char *value, void *opaque)
{
- int *flag = opaque;
- *flag = !!atoi(value);
+ uint8_t *flag = opaque;
+ uint64_t v;
+ char *end;
+
+ errno = 0;
+ v = strtoul(value, &end, 0);
+ if ((errno != 0) || (value == end) || *end != '\0' || v > 1) {
+ ssovf_log_err("invalid %s value %s", key, value);
+ return -EINVAL;
+ }
+
+ *flag = !!v;
return 0;
}
--
2.25.1
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH v4 1/1] event/octeontx: fix possible integer overflow
2024-10-25 10:58 ` [PATCH v4 1/1] event/octeontx: fix " Hanumanth Pothula
@ 2024-10-28 15:31 ` Jerin Jacob
0 siblings, 0 replies; 11+ messages in thread
From: Jerin Jacob @ 2024-10-28 15:31 UTC (permalink / raw)
To: Hanumanth Pothula; +Cc: Jerin Jacob, Pavan Nikhilesh, dev, hkalra, stephen
[-- Attachment #1: Type: text/plain, Size: 1851 bytes --]
On Fri, Oct 25, 2024 at 4:28 PM Hanumanth Pothula <hpothula@marvell.com> wrote:
>
> The last argument passed to ssovf_parsekv() is an
> unsigned char*, but it is accessed as an integer.
> This can lead to an integer overflow.
>
> Hence, make ensure the argument is accessed as a char
> and for better error handling use strtol instead of atoi.
>
> Bugzilla ID: 1512
> Fixes: 3516327e00fd ("event/octeontx: add selftest to device arguments")
>
> Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
Missed following tag
Tested-by: Ali Alnubani <alialnu@nvidia.com>
Applied to dpdk-next-net-mrvl/for-main. Thanks
> ---
>
> v2: Use strtoul instead of strtol
> v3: Add value boundry check. Here, value can be either 0 or 1.
> v4: Commit text update
> ---
> drivers/event/octeontx/ssovf_evdev.c | 16 +++++++++++++---
> 1 file changed, 13 insertions(+), 3 deletions(-)
>
> diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
> index 3a933b1db7..957fcab04e 100644
> --- a/drivers/event/octeontx/ssovf_evdev.c
> +++ b/drivers/event/octeontx/ssovf_evdev.c
> @@ -717,10 +717,20 @@ ssovf_close(struct rte_eventdev *dev)
> }
>
> static int
> -ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
> +ssovf_parsekv(const char *key, const char *value, void *opaque)
> {
> - int *flag = opaque;
> - *flag = !!atoi(value);
> + uint8_t *flag = opaque;
> + uint64_t v;
> + char *end;
> +
> + errno = 0;
> + v = strtoul(value, &end, 0);
> + if ((errno != 0) || (value == end) || *end != '\0' || v > 1) {
> + ssovf_log_err("invalid %s value %s", key, value);
> + return -EINVAL;
> + }
> +
> + *flag = !!v;
> return 0;
> }
>
> --
> 2.25.1
>
[-- Attachment #2: image.png --]
[-- Type: image/png, Size: 6473 bytes --]
^ permalink raw reply [flat|nested] 11+ messages in thread