From: Stephen Hemminger <stephen@networkplumber.org>
To: dev@dpdk.org
Cc: Stephen Hemminger <stephen@networkplumber.org>
Subject: [PATCH v6 17/18] cfgfile: add length checks and increase line buffer
Date: Tue, 23 Dec 2025 10:13:15 -0800 [thread overview]
Message-ID: <20251223181418.40834-18-stephen@networkplumber.org> (raw)
In-Reply-To: <20251223181418.40834-1-stephen@networkplumber.org>
When adding values to config info, add string length checks instead
of silently truncating. Increase the size of the buffer used to read
from a config file so that there will be enough space for longest
entries.
Signed-off-by: Stephen Hemminger <stephen@networkplumber.org>
---
lib/cfgfile/rte_cfgfile.c | 36 +++++++++++++++++++++++++++---------
1 file changed, 27 insertions(+), 9 deletions(-)
diff --git a/lib/cfgfile/rte_cfgfile.c b/lib/cfgfile/rte_cfgfile.c
index 9723ec756f..74a8bf7aae 100644
--- a/lib/cfgfile/rte_cfgfile.c
+++ b/lib/cfgfile/rte_cfgfile.c
@@ -2,6 +2,7 @@
* Copyright(c) 2010-2014 Intel Corporation
*/
+#include <assert.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -106,6 +107,9 @@ static int
_add_entry(struct rte_cfgfile_section *section, const char *entryname,
const char *entryvalue)
{
+ if (strlen(entryname) >= CFG_NAME_LEN || strlen(entryvalue) >= CFG_VALUE_LEN)
+ return -ENAMETOOLONG;
+
/* resize entry structure if we don't have room for more entries */
if (section->num_entries == section->allocated_entries) {
struct rte_cfgfile_entry *n_entries = realloc(
@@ -167,12 +171,16 @@ rte_cfgfile_load(const char *filename, int flags)
&default_cfgfile_params);
}
+/* Need enough space for largest name and value */
+static_assert(LINE_MAX > CFG_NAME_LEN + CFG_VALUE_LEN + 4,
+ "not enough space for cfgfile name/value");
+
RTE_EXPORT_SYMBOL(rte_cfgfile_load_with_params)
struct rte_cfgfile *
rte_cfgfile_load_with_params(const char *filename, int flags,
const struct rte_cfgfile_parameters *params)
{
- char buffer[CFG_NAME_LEN + CFG_VALUE_LEN + 4];
+ char buffer[LINE_MAX];
int lineno = 0;
struct rte_cfgfile *cfg;
@@ -219,7 +227,13 @@ rte_cfgfile_load_with_params(const char *filename, int flags,
*end = '\0';
_strip(&buffer[1], end - &buffer[1]);
- rte_cfgfile_add_section(cfg, &buffer[1]);
+ int ret = rte_cfgfile_add_section(cfg, &buffer[1]);
+ if (ret != 0) {
+ CFG_LOG(ERR,
+ "line %d - add section failed: %s",
+ lineno, strerror(-ret));
+ goto error1;
+ }
} else {
/* key and value line */
char *split[2] = {NULL};
@@ -260,8 +274,13 @@ rte_cfgfile_load_with_params(const char *filename, int flags,
if (cfg->num_sections == 0)
goto error1;
- _add_entry(&cfg->sections[cfg->num_sections - 1],
- split[0], split[1]);
+ int ret = _add_entry(&cfg->sections[cfg->num_sections - 1],
+ split[0], split[1]);
+ if (ret != 0) {
+ CFG_LOG(ERR,
+ "line %d - add entry failed: %s", lineno, strerror(-ret));
+ goto error1;
+ }
}
}
fclose(f);
@@ -341,6 +360,9 @@ rte_cfgfile_add_section(struct rte_cfgfile *cfg, const char *sectionname)
if (sectionname == NULL)
return -EINVAL;
+ if (strlen(sectionname) >= CFG_NAME_LEN)
+ return -ENAMETOOLONG;
+
/* resize overall struct if we don't have room for more sections */
if (cfg->num_sections == cfg->allocated_sections) {
@@ -376,8 +398,6 @@ int rte_cfgfile_add_entry(struct rte_cfgfile *cfg,
const char *sectionname, const char *entryname,
const char *entryvalue)
{
- int ret;
-
if ((cfg == NULL) || (sectionname == NULL) || (entryname == NULL)
|| (entryvalue == NULL))
return -EINVAL;
@@ -391,9 +411,7 @@ int rte_cfgfile_add_entry(struct rte_cfgfile *cfg,
if (curr_section == NULL)
return -EINVAL;
- ret = _add_entry(curr_section, entryname, entryvalue);
-
- return ret;
+ return _add_entry(curr_section, entryname, entryvalue);
}
RTE_EXPORT_SYMBOL(rte_cfgfile_set_entry)
--
2.51.0
next prev parent reply other threads:[~2025-12-23 18:16 UTC|newest]
Thread overview: 107+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-12-02 17:24 [RFC 0/8] first steps in fixing buffer overflow Stephen Hemminger
2025-12-02 17:24 ` [RFC 1/8] eal: use C library to parse filesystem table Stephen Hemminger
2025-12-02 17:24 ` [RFC 2/8] hash: fix possible ring name overflow Stephen Hemminger
2025-12-02 17:24 ` [RFC 3/8] eal: warn if thread name is truncated Stephen Hemminger
2025-12-02 17:24 ` [RFC 4/8] eal: avoid format overflow when handling addresses Stephen Hemminger
2025-12-02 17:24 ` [RFC 5/8] ethdev: avoid possible overflow in xstat names Stephen Hemminger
2025-12-02 17:24 ` [RFC 6/8] efd: avoid overflowing ring name Stephen Hemminger
2025-12-02 17:24 ` [RFC 7/8] eal: add check for sysfs path overflow Stephen Hemminger
2025-12-02 17:24 ` [RFC 8/8] eal: limit maximum runtime directory and socket paths Stephen Hemminger
2025-12-05 2:28 ` [RFC v2 00/14] lib: check for string overflow Stephen Hemminger
2025-12-05 2:28 ` [RFC v2 01/14] eal: use C library to parse filesystem table Stephen Hemminger
2025-12-05 2:28 ` [RFC v2 02/14] test: avoid long hash names Stephen Hemminger
2025-12-05 8:29 ` Bruce Richardson
2025-12-05 17:00 ` Stephen Hemminger
2025-12-05 18:19 ` Bruce Richardson
2025-12-05 2:28 ` [RFC v2 03/14] lpm: restrict name size Stephen Hemminger
2025-12-05 2:28 ` [RFC v2 04/14] hash: avoid possible ring name overflow Stephen Hemminger
2025-12-05 2:28 ` [RFC v2 05/14] graph: avoid overflowing comment buffer Stephen Hemminger
2025-12-05 2:28 ` [RFC v2 06/14] eal: warn if thread name is truncated Stephen Hemminger
2025-12-05 8:32 ` Bruce Richardson
2025-12-05 2:28 ` [RFC v2 07/14] eal: avoid format overflow when handling addresses Stephen Hemminger
2025-12-05 2:28 ` [RFC v2 08/14] ethdev: avoid possible overflow in xstat names Stephen Hemminger
2025-12-05 8:34 ` Bruce Richardson
2025-12-05 2:28 ` [RFC v2 09/14] vhost: check for overflow in xstat name Stephen Hemminger
2025-12-05 2:28 ` [RFC v2 10/14] efd: avoid overflowing ring name Stephen Hemminger
2025-12-05 8:37 ` Bruce Richardson
2025-12-05 2:28 ` [RFC v2 11/14] eal: add check for sysfs path overflow Stephen Hemminger
2025-12-05 2:28 ` [RFC v2 12/14] eal: limit maximum runtime directory and socket paths Stephen Hemminger
2025-12-05 8:46 ` Bruce Richardson
2025-12-05 2:28 ` [RFC v2 13/14] eal: check for hugefile path overflow Stephen Hemminger
2025-12-05 2:28 ` [RFC v2 14/14] lib: enable format overflow warnings Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 00/16] lib: find and fix possible string overflows Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 01/16] eal: use C library to parse filesystem table Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 02/16] lpm: restrict name size Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 03/16] hash: add checks for hash name length Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 04/16] graph: avoid overflowing comment buffer Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 05/16] latencystats: add check for string overflow Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 06/16] efd: handle possible name truncation Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 07/16] eal: warn if thread name is truncated Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 08/16] eal: avoid format overflow when handling addresses Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 09/16] eal: add check for sysfs path overflow Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 10/16] eal: limit maximum runtime directory and socket paths Stephen Hemminger
2025-12-08 8:58 ` Bruce Richardson
2025-12-08 19:14 ` Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 11/16] eal: check for hugefile path overflow Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 12/16] eal: check tailq length Stephen Hemminger
2025-12-08 8:58 ` Bruce Richardson
2025-12-05 20:11 ` [PATCH v3 13/16] eal: handle long shared library path Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 14/16] ethdev: avoid possible overflow in xstat names Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 15/16] vhost: check for overflow in xstat name Stephen Hemminger
2025-12-05 20:11 ` [PATCH v3 16/16] lib: enable format overflow warnings Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 00/16] lib: find and fix possible string overflows Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 01/16] eal: use C library to parse filesystem table Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 02/16] lpm: restrict name size Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 03/16] hash: add checks for hash name length Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 04/16] graph: avoid overflowing comment buffer Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 05/16] latencystats: add check for string overflow Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 06/16] efd: handle possible name truncation Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 07/16] eal: warn if thread name is truncated Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 08/16] eal: avoid format overflow when handling addresses Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 09/16] eal: add check for sysfs path overflow Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 10/16] eal: limit maximum runtime directory and socket paths Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 11/16] eal: check for hugefile path overflow Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 12/16] eal: check tailq length Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 13/16] eal: handle long shared library path Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 14/16] ethdev: avoid possible overflow in xstat names Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 15/16] vhost: check for overflow in xstat name Stephen Hemminger
2025-12-06 18:43 ` [PATCH v4 16/16] lib: enable format overflow warnings Stephen Hemminger
2025-12-07 19:11 ` [PATCH v5 00/17] lib: fix format overflows Stephen Hemminger
2025-12-07 19:11 ` [PATCH v5 01/17] eal: use C library to parse filesystem table Stephen Hemminger
2025-12-07 19:11 ` [PATCH v5 02/17] lpm: restrict name size Stephen Hemminger
2025-12-07 19:11 ` [PATCH v5 03/17] hash: add checks for hash name length Stephen Hemminger
2025-12-07 19:11 ` [PATCH v5 04/17] graph: avoid overflowing comment buffer Stephen Hemminger
2025-12-07 19:11 ` [PATCH v5 05/17] latencystats: add check for string overflow Stephen Hemminger
2025-12-07 19:11 ` [PATCH v5 06/17] telemetry: avoid possible " Stephen Hemminger
2025-12-07 19:11 ` [PATCH v5 07/17] efd: handle possible name truncation Stephen Hemminger
2025-12-07 19:11 ` [PATCH v5 08/17] eal: warn if thread name is truncated Stephen Hemminger
2025-12-07 19:12 ` [PATCH v5 09/17] eal: avoid format overflow when handling addresses Stephen Hemminger
2025-12-07 19:12 ` [PATCH v5 10/17] eal: add check for sysfs path overflow Stephen Hemminger
2025-12-07 19:12 ` [PATCH v5 11/17] eal: limit maximum runtime directory and socket paths Stephen Hemminger
2025-12-07 19:12 ` [PATCH v5 12/17] eal: check for hugefile path overflow Stephen Hemminger
2025-12-07 19:12 ` [PATCH v5 13/17] eal: check tailq length Stephen Hemminger
2025-12-07 19:12 ` [PATCH v5 14/17] eal: handle long shared library path Stephen Hemminger
2025-12-07 19:12 ` [PATCH v5 15/17] ethdev: avoid possible overflow in xstat names Stephen Hemminger
2025-12-07 19:12 ` [PATCH v5 16/17] vhost: check for overflow in xstat name Stephen Hemminger
2025-12-07 19:12 ` [PATCH v5 17/17] lib: enable format overflow warnings Stephen Hemminger
2025-12-16 23:20 ` [PATCH v5 00/17] lib: fix format overflows Patrick Robb
2025-12-17 6:57 ` Stephen Hemminger
2025-12-23 18:12 ` [PATCH v6 00/18] " Stephen Hemminger
2025-12-23 18:12 ` [PATCH v6 01/18] lpm: restrict name size Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 02/18] hash: add checks for hash name length Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 03/18] graph: avoid overflowing comment buffer Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 04/18] latencystats: add check for string overflow Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 05/18] telemetry: avoid possible " Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 06/18] efd: handle possible name truncation Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 07/18] eal: use C library to parse filesystem table Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 08/18] eal: warn if thread name is truncated Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 09/18] eal: avoid format overflow when handling addresses Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 10/18] eal: add check for sysfs path overflow Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 11/18] eal: limit maximum runtime directory and socket paths Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 12/18] eal: check for hugefile path overflow Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 13/18] eal: check tailq length Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 14/18] eal: handle long shared library path Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 15/18] ethdev: avoid possible overflow in xstat names Stephen Hemminger
2025-12-23 18:13 ` [PATCH v6 16/18] vhost: check for overflow in xstat name Stephen Hemminger
2025-12-23 18:13 ` Stephen Hemminger [this message]
2025-12-23 18:13 ` [PATCH v6 18/18] lib: enable format overflow warnings Stephen Hemminger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251223181418.40834-18-stephen@networkplumber.org \
--to=stephen@networkplumber.org \
--cc=dev@dpdk.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).