From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id 3D78945BD5;
	Fri, 25 Oct 2024 12:58:13 +0200 (CEST)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id D69F7400D5;
	Fri, 25 Oct 2024 12:58:12 +0200 (CEST)
Received: from mx0a-0016f401.pphosted.com (mx0a-0016f401.pphosted.com
 [67.231.148.174])
 by mails.dpdk.org (Postfix) with ESMTP id 461054003C
 for <dev@dpdk.org>; Fri, 25 Oct 2024 12:58:11 +0200 (CEST)
Received: from pps.filterd (m0431384.ppops.net [127.0.0.1])
 by mx0a-0016f401.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 49PAqWSR018276;
 Fri, 25 Oct 2024 03:58:09 -0700
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com; h=
 cc:content-transfer-encoding:content-type:date:from:in-reply-to
 :message-id:mime-version:references:subject:to; s=pfpt0220; bh=O
 PDLnnAJhUO/72TBWmMcpMrmftxFXCVgKa+EOwd25bg=; b=V7fpM/hnKZNJ0d0v5
 LnWPz+KPWgiWpJKUgMAveLGJVGVcsyJLOwidLb76xGarg4Yqf+W7iuPOjAyUiMzs
 rzvNqIKNs3LTc0lzMXgBjLo+r8sNGfGjsoWdTj6wCeVshfEHqn2s7w8Iwe56GYOw
 bD24j0QJQ8MbqTNDYqYOmX7zOHdpuPcOFrtDz0DTx9DlCDWD943NBtkMVwg5pCs/
 HbzLpXyTnKXwPwx4UIZrAcaWxvGqKluZ6NYdBuj3QT1U/5TejdHYgNWY+/kW4+zQ
 lhqIhHBYYGDG1gFtkVF4Hl53ag2qsZD9AzuWHsWyyDwWEUfHUbTYhj3hfWyxMFK9
 TbLCQ==
Received: from dc6wp-exch02.marvell.com ([4.21.29.225])
 by mx0a-0016f401.pphosted.com (PPS) with ESMTPS id 42g9y5806u-1
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT);
 Fri, 25 Oct 2024 03:58:09 -0700 (PDT)
Received: from DC6WP-EXCH02.marvell.com (10.76.176.209) by
 DC6WP-EXCH02.marvell.com (10.76.176.209) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1544.4; Fri, 25 Oct 2024 03:58:07 -0700
Received: from maili.marvell.com (10.69.176.80) by DC6WP-EXCH02.marvell.com
 (10.76.176.209) with Microsoft SMTP Server id 15.2.1544.4 via Frontend
 Transport; Fri, 25 Oct 2024 03:58:07 -0700
Received: from localhost.localdomain (unknown [10.28.36.155])
 by maili.marvell.com (Postfix) with ESMTP id B47BE3F7052;
 Fri, 25 Oct 2024 03:58:05 -0700 (PDT)
From: Hanumanth Pothula <hpothula@marvell.com>
To: Jerin Jacob <jerinj@marvell.com>, Pavan Nikhilesh
 <pbhagavatula@marvell.com>
CC: <dev@dpdk.org>, <hkalra@marvell.com>, <stephen@networkplumber.org>,
 <hpothula@marvell.com>
Subject: [PATCH v4 1/1] event/octeontx: fix possible integer overflow
Date: Fri, 25 Oct 2024 16:28:02 +0530
Message-ID: <20241025105802.1099531-1-hpothula@marvell.com>
X-Mailer: git-send-email 2.25.1
In-Reply-To: <20241024035524.1021926-1-hpothula@marvell.com>
References: <20241024035524.1021926-1-hpothula@marvell.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-Proofpoint-GUID: eEx70VoAxRMYa5Sgdj949MjkL9Ds6AzS
X-Proofpoint-ORIG-GUID: eEx70VoAxRMYa5Sgdj949MjkL9Ds6AzS
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.293,Aquarius:18.0.687,Hydra:6.0.235,FMLib:17.0.607.475
 definitions=2020-10-13_15,2020-10-13_02,2020-04-07_01
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

The last argument passed to ssovf_parsekv() is an
unsigned char*, but it is accessed as an integer.
This can lead to an integer overflow.

Hence, make ensure the argument is accessed as a char
and for better error handling use strtol instead of atoi.

Bugzilla ID: 1512
Fixes: 3516327e00fd ("event/octeontx: add selftest to device arguments")

Signed-off-by: Hanumanth Pothula <hpothula@marvell.com>
---

v2: Use strtoul instead of strtol
v3: Add value boundry check. Here, value can be either 0 or 1.
v4: Commit text update
---
 drivers/event/octeontx/ssovf_evdev.c | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/drivers/event/octeontx/ssovf_evdev.c b/drivers/event/octeontx/ssovf_evdev.c
index 3a933b1db7..957fcab04e 100644
--- a/drivers/event/octeontx/ssovf_evdev.c
+++ b/drivers/event/octeontx/ssovf_evdev.c
@@ -717,10 +717,20 @@ ssovf_close(struct rte_eventdev *dev)
 }
 
 static int
-ssovf_parsekv(const char *key __rte_unused, const char *value, void *opaque)
+ssovf_parsekv(const char *key, const char *value, void *opaque)
 {
-	int *flag = opaque;
-	*flag = !!atoi(value);
+	uint8_t *flag = opaque;
+	uint64_t v;
+	char *end;
+
+	errno = 0;
+	v = strtoul(value, &end, 0);
+	if ((errno != 0) || (value == end) || *end != '\0' || v > 1) {
+		ssovf_log_err("invalid %s value %s", key, value);
+		return -EINVAL;
+	}
+
+	*flag = !!v;
 	return 0;
 }
 
-- 
2.25.1