From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <dev-bounces@dpdk.org>
Received: from mails.dpdk.org (mails.dpdk.org [217.70.189.124])
	by inbox.dpdk.org (Postfix) with ESMTP id C670645CA6;
	Fri,  8 Nov 2024 12:16:53 +0100 (CET)
Received: from mails.dpdk.org (localhost [127.0.0.1])
	by mails.dpdk.org (Postfix) with ESMTP id 163164338B;
	Fri,  8 Nov 2024 12:15:55 +0100 (CET)
Received: from szxga04-in.huawei.com (szxga04-in.huawei.com [45.249.212.190])
 by mails.dpdk.org (Postfix) with ESMTP id 2DFA643367
 for <dev@dpdk.org>; Fri,  8 Nov 2024 12:15:47 +0100 (CET)
Received: from mail.maildlp.com (unknown [172.19.88.163])
 by szxga04-in.huawei.com (SkyGuard) with ESMTP id 4XlGYS6qrqz20sv7;
 Fri,  8 Nov 2024 19:14:36 +0800 (CST)
Received: from kwepemf500004.china.huawei.com (unknown [7.202.181.242])
 by mail.maildlp.com (Postfix) with ESMTPS id 1552218002B;
 Fri,  8 Nov 2024 19:15:46 +0800 (CST)
Received: from localhost.localdomain (10.28.79.22) by
 kwepemf500004.china.huawei.com (7.202.181.242) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id
 15.2.1544.11; Fri, 8 Nov 2024 19:15:45 +0800
From: Jie Hai <haijie1@huawei.com>
To: <dev@dpdk.org>, <thomas@monjalon.net>, <ferruh.yigit@amd.com>, Akhil Goyal
 <gakhil@marvell.com>, Anoob Joseph <anoobj@marvell.com>, Gowrishankar
 Muthukrishnan <gmuthukrishn@marvell.com>
CC: <lihuisong@huawei.com>, <fengchengwen@huawei.com>, <haijie1@huawei.com>,
 <huangdengdui@huawei.com>
Subject: [PATCH v5 13/25] security: replace strtok with reentrant version
Date: Fri, 8 Nov 2024 19:03:52 +0800
Message-ID: <20241108110404.18317-14-haijie1@huawei.com>
X-Mailer: git-send-email 2.22.0
In-Reply-To: <20241108110404.18317-1-haijie1@huawei.com>
References: <20231113104550.2138654-1-haijie1@huawei.com>
 <20241108110404.18317-1-haijie1@huawei.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 8bit
X-Originating-IP: [10.28.79.22]
X-ClientProxiedBy: dggems703-chm.china.huawei.com (10.3.19.180) To
 kwepemf500004.china.huawei.com (7.202.181.242)
X-BeenThere: dev@dpdk.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DPDK patches and discussions <dev.dpdk.org>
List-Unsubscribe: <https://mails.dpdk.org/options/dev>,
 <mailto:dev-request@dpdk.org?subject=unsubscribe>
List-Archive: <http://mails.dpdk.org/archives/dev/>
List-Post: <mailto:dev@dpdk.org>
List-Help: <mailto:dev-request@dpdk.org?subject=help>
List-Subscribe: <https://mails.dpdk.org/listinfo/dev>,
 <mailto:dev-request@dpdk.org?subject=subscribe>
Errors-To: dev-bounces@dpdk.org

Multiple threads calling the same function may cause condition
race issues, which often leads to abnormal behavior and can cause
more serious vulnerabilities such as abnormal termination, denial
of service, and compromised data integrity.

The strtok() is non-reentrant, it is better to replace it with a
reentrant version.

Fixes: 259ca6d1617f ("security: add telemetry endpoint for capabilities")

Signed-off-by: Jie Hai <haijie1@huawei.com>
Acked-by: Chengwen Feng <fengchengwen@huawei.com>
Acked-by: Morten Brørup <mb@smartsharesystems.com>
---
 lib/security/rte_security.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/security/rte_security.c b/lib/security/rte_security.c
index e5c862f5f570..669888ef0807 100644
--- a/lib/security/rte_security.c
+++ b/lib/security/rte_security.c
@@ -11,6 +11,7 @@
 #include <rte_cryptodev.h>
 #include <dev_driver.h>
 #include <rte_telemetry.h>
+#include <rte_os_shim.h>
 #include "rte_security.h"
 #include "rte_security_driver.h"
 
@@ -497,13 +498,14 @@ security_handle_cryptodev_crypto_caps(const char *cmd __rte_unused, const char *
 	int dev_id, capa_id;
 	int crypto_caps_n;
 	char *end_param;
+	char *sp = NULL;
 	int rc;
 
 	if (!params || strlen(params) == 0 || !isdigit(*params))
 		return -EINVAL;
 
 	dev_id = strtoul(params, &end_param, 0);
-	capa_param = strtok(end_param, ",");
+	capa_param = strtok_r(end_param, ",", &sp);
 	if (!capa_param || strlen(capa_param) == 0 || !isdigit(*capa_param))
 		return -EINVAL;
 
-- 
2.22.0